Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆124Updated 2 weeks ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆71Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 8 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆81Updated 6 months ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆61Updated 8 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆90Updated 8 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆109Updated 2 years ago
• ghostbyt3 / WinDriver-EXP
  This repo contains PoCs for vulnerable Windows drivers.
  ☆88Updated last month
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆65Updated 11 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 5 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆67Updated 3 weeks ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆122Updated 4 months ago
• S3N4T0R-0X0 / Hunter
  Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…
  ☆90Updated 8 months ago
• alex3O / BYOVD-DriverKiller
  Driver Reverse & Exploitation
  ☆82Updated 4 months ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated last year
• hdks-bug / redteam-techniques
  Collection of red team techniques.
  ☆65Updated 8 months ago
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆159Updated 4 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Updated last year
• rad9800 / talks
  ☆60Updated 8 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆169Updated 5 months ago
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆44Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆71Updated last year
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆154Updated last month
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• TwoSevenOneT / EDRStartupHinder
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  ☆149Updated last week