My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.
☆79 · Jan 10, 2024 · Updated 2 years ago
Alternatives and similar repositories for MalwareAdventurez
Users that are interested in MalwareAdventurez are comparing it to the libraries listed below
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows. ☆11 · Aug 8, 2022 · Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆84 · Jan 6, 2023 · Updated 3 years ago
- Malleable profile generator GUI for Havoc ☆55 · Apr 28, 2023 · Updated 2 years ago
- WinXPSP2.Cermalus on steroids, supporting all 32-bit Windows versions. Windows kernel virus stuff for noobs ☆18 · Aug 11, 2023 · Updated 2 years ago
- Red-Teaming TempleOS. ☆17 · Jul 29, 2022 · Updated 3 years ago
- Yet another sleep encryption thing. Also used the default GitHub repo name for this one. ☆69 · May 11, 2023 · Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆136 · Jan 2, 2023 · Updated 3 years ago
- Reverse SOCKS5 proxy for Windows ☆16 · Oct 13, 2022 · Updated 3 years ago
- ☆45 · Jan 1, 2023 · Updated 3 years ago
- Create a C++ PE which loads an XTEA-encrypted .NET PE shellcode in memory. ☆17 · Sep 29, 2018 · Updated 7 years ago
- Trolling keyloggers by forcing them to log specific text, then freezing them ☆22 · Jul 30, 2022 · Updated 3 years ago
- Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from a suspended process, from a remote server (fileless) ☆202 · Aug 2, 2023 · Updated 2 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk ☆473 · Jul 6, 2024 · Updated last year
- Performing indirect clean syscalls ☆605 · Apr 19, 2023 · Updated 2 years ago
- Artemis - C++ Hell's Gate syscall implementation ☆34 · Aug 16, 2023 · Updated 2 years ago
- Just another casual shellcode native loader ☆25 · Feb 3, 2022 · Updated 4 years ago
- Packer is a compact, fast and cross-platform serialization library for storing data in a buffer ☆22 · Aug 5, 2023 · Updated 2 years ago
- My implementation of the GIUDA project in C++ ☆189 · Jul 25, 2023 · Updated 2 years ago
- Tool for playing with Windows access token manipulation. ☆82 · Nov 28, 2022 · Updated 3 years ago
- Various methods of executing shellcode ☆74 · Mar 27, 2023 · Updated 2 years ago
- My collection of malware dev links ☆308 · Feb 9, 2026 · Updated 3 weeks ago
- Burp extension for automated handling of CSRF tokens ☆16 · Feb 27, 2018 · Updated 8 years ago
- ☆20 · Feb 6, 2024 · Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses the RegConnectRegistryA + RegOpenKeyExA APIs to dump registry hives on a remote computer ☆17 · Mar 4, 2023 · Updated 3 years ago
- Bypassing UAC with SSPI Datagram Contexts ☆462 · Sep 24, 2023 · Updated 2 years ago
- Miscellaneous scripts and programs ☆277 · Jan 23, 2025 · Updated last year
- This repo contains: simple shellcode loader, encoders (base64 - custom - UUID - IPv4 - MAC), encryptors (AES), fileless loader (Winhttp… ☆438 · Aug 2, 2023 · Updated 2 years ago
- Generate password spraying lists based on the pwdLastSet attribute of users. ☆55 · Dec 6, 2023 · Updated 2 years ago
- Experimental Windows x64 kernel rootkit with anti-rootkit evasion features. ☆590 · Aug 2, 2025 · Updated 7 months ago
- Simple PoC to locate functions hooked by EDR in ntdll.dll ☆46 · Jul 16, 2023 · Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 · Feb 6, 2026 · Updated 3 weeks ago
- ☆129 · Dec 4, 2023 · Updated 2 years ago
- ☆334 · Sep 21, 2025 · Updated 5 months ago
- Simple and sane cryptographic wrapper library. ☆27 · Apr 21, 2023 · Updated 2 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls. ☆15 · Apr 26, 2024 · Updated last year
- Example of async client/server sockets in .NET 5 ☆17 · Jun 9, 2021 · Updated 4 years ago
- Nice try reading NTDLL from disk, nerd. ☆19 · Apr 18, 2022 · Updated 3 years ago
- Disable PPL via a custom driver and dump lsass ☆15 · Mar 13, 2021 · Updated 4 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance. ☆281 · Feb 24, 2025 · Updated last year