Recreating and reviewing the Windows persistence methods
☆39Nov 18, 2021Updated 4 years ago
Alternatives and similar repositories for Persistence
Users that are interested in Persistence are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆756Nov 16, 2021Updated 4 years ago
- Process Hollowing demonstration & explanation☆36Feb 25, 2021Updated 5 years ago
- ☆84Aug 26, 2024Updated last year
- Bypass UAC by hijacking a DLL located in the Native Image Cache☆212Nov 21, 2021Updated 4 years ago
- PowerShell Obfuscation and Data Science☆180May 4, 2022Updated 3 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- A .NET tool for exporting and importing certificates without touching disk.☆502Oct 8, 2021Updated 4 years ago
- Tiny Windows executable that outputs version information about the OS.☆11Feb 1, 2026Updated last month
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- ☆65Nov 12, 2022Updated 3 years ago
- Making Shellcode fully undetectable using uuid☆23May 7, 2021Updated 4 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 4 years ago
- Post-exploitation tool for attacking Active Directory domain controllers☆18Dec 18, 2022Updated 3 years ago
- Linux AV tests☆13Apr 23, 2019Updated 6 years ago
- Miscellaneous Code and Docs☆83Jul 12, 2025Updated 8 months ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging☆15Sep 21, 2019Updated 6 years ago
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- Advanced Machine Decoder for x86, aarch32 and aarch64.☆21Mar 15, 2020Updated 6 years ago
- Some simple scripts for decrypting passwords retrieved from a Manage Engine OpManager installation☆11Jan 28, 2016Updated 10 years ago
- An attempt at reversing WindowsDefender☆20Oct 6, 2024Updated last year
- This is a simple example and explanation of obfuscating API resolution via hashing☆237May 25, 2020Updated 5 years ago
- ☆18Dec 9, 2023Updated 2 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆338Jan 16, 2022Updated 4 years ago
- 2 ways of Password Filter DLL to record the plaintext password☆64Apr 17, 2021Updated 4 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Aug 14, 2023Updated 2 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated 2 years ago
- Collection of cracked malware☆15Dec 28, 2018Updated 7 years ago
- Evasive Process Hollowing Techniques☆142Aug 16, 2020Updated 5 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆15Apr 26, 2021Updated 4 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- ☆23May 28, 2021Updated 4 years ago
- IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is u…☆11Aug 21, 2018Updated 7 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG☆314Sep 16, 2021Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- Suite of Shellcode Running Utilities☆113Jan 30, 2020Updated 6 years ago
- 0day Windows/x64 Inject All Processes With Meterpreter Reverse Shell Shellcode (655 bytes)☆50Jul 30, 2021Updated 4 years ago