darkarp / MalwareDevSeries

Related projects ⓘ

Alternatives and complementary repositories for MalwareDevSeries

• m4pol / hellcat
  A windows backdoor that's use Telegram as a C2 server.
  ☆14Updated 7 months ago
• hackerhouse-opensource / CompMgmtLauncher_DLL_UACBypass
  CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
  ☆106Updated last year
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆150Updated 2 years ago
• Acebond / ReverseSocks5
  Single executable reverse SOCKS5 proxy written in Golang.
  ☆115Updated 4 months ago
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆175Updated last year
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆105Updated last year
• tijme / amd-ryzen-master-driver-v17-exploit
  Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
  ☆132Updated last year
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆163Updated last year
• nickzer0 / RagingRotator
  A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.
  ☆74Updated 5 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• nopbrick / SeeProxy
  Golang reverse proxy with CobaltStrike malleable profile validation.
  ☆110Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆81Updated 5 months ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆65Updated 6 months ago
• nickvourd / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆16Updated 8 months ago
• 3NailsInfoSec / DCVC2
  A Golang Discord C2 unlike any other. DCVC2 uses RTP packets over a voice channel to transmit all data leaving no operational traces in t…
  ☆123Updated 2 weeks ago
• JoelGMSec / Invoke-Transfer
  PowerShell Clipboard Data Transfer
  ☆66Updated 3 months ago
• nickvourd / Rocabella
  Sniffing files generator
  ☆38Updated this week
• VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low
  Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…
  ☆128Updated last year
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆75Updated last year
• Tylous / File-Smuggling
  HTML smuggling is not an evil, it can be useful
  ☆13Updated last year
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆134Updated last month
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆88Updated last year
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆83Updated last year
• 0xor0ne / qscan
  Quick network scanner library. https://crates.io/crates/qscan
  ☆79Updated last year
• mfdooom / threadless_loader_rs
  Threadless Injection Payload Toolkit
  ☆11Updated last year
• S12cybersecurity / RatInject
  Rat Inject is C++ Executable to gain Undetectable Persistence in Windows via 4 Registry Keys
  ☆25Updated last year
• BlackSnufkin / NyxInvoke
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆158Updated 3 weeks ago
• passthehashbrowns / BOFMask
  ☆108Updated last year
• m3f157O / combine_harvester
  Rust in-memory dumper
  ☆105Updated last year