cyberark / malware-researchLinks
☆37Updated 3 months ago
Alternatives and similar repositories for malware-research
Users that are interested in malware-research are comparing it to the libraries listed below
Sorting:
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- ☆27Updated 6 months ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 2 years ago
- It's pointy and it hurts!☆126Updated 2 years ago
- Identifies metadata of .NET binary files.☆21Updated last year
- ☆73Updated last year
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- An example of COM hijacking using a proxy DLL.☆28Updated 3 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated last year
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Updated 4 years ago
- Small visualizator for PE files☆69Updated last year
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆50Updated last year
- General malware analysis stuff☆37Updated 9 months ago
- CSharp4Pentesters☆12Updated 3 years ago
- NT AUTHORITY\SYSTEM☆38Updated 4 years ago
- Windows AppLocker Driver (appid.sys) LPE☆62Updated 10 months ago
- A payload delivery system which embeds payloads in an executable's icon file!☆74Updated last year
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- Repo containing my public talks☆23Updated 2 years ago
- Golang bindings for PE-sieve☆43Updated last year
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go.☆36Updated last year
- ☆30Updated 7 months ago
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.☆77Updated 2 years ago
- Unpacker and Config Extractor for managed Redline Stealer payloads☆41Updated 2 years ago
- A PoC for achieving persistence via push notifications on Windows☆46Updated 2 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆62Updated 3 years ago
- Dell Driver EoP (CVE-2021-21551)☆32Updated 3 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆14Updated last year