My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.
☆79 Jan 10, 2024 Updated 2 years ago
Alternatives and similar repositories for MalwareAdventurez
Users that are interested in MalwareAdventurez are comparing it to the libraries listed below.
- WinXPSP2.Cermalus on steroids, supporting all 32-bit Windows versions. Windows Kernel Virus stuff for noobs ☆18 Aug 11, 2023 Updated 2 years ago
- Red-Teaming TempleOS. ☆17 Jul 29, 2022 Updated 3 years ago
- A C++/Asm template for PIC/EXE/DLL malware ☆25 Aug 12, 2025 Updated 9 months ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows. ☆11 Aug 8, 2022 Updated 3 years ago
- The GTK Keylogger ☆18 Aug 11, 2023 Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 May 11, 2023 Updated 3 years ago
- malleable profile generator GUI for Havoc ☆55 Apr 28, 2023 Updated 3 years ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆602 Aug 2, 2025 Updated 9 months ago
- ☆47 Jan 1, 2023 Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆86 Jan 6, 2023 Updated 3 years ago
- ☆16 Sep 23, 2021 Updated 4 years ago
- Performing Indirect Clean Syscalls ☆612 May 2, 2026 Updated 3 weeks ago
- Gh0st, compiling successfully in a VS2019 environment ☆14 Nov 28, 2021 Updated 4 years ago
- ☆21 Feb 6, 2024 Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆135 Jan 2, 2023 Updated 3 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk ☆476 Jul 6, 2024 Updated last year
- Trolling Keyloggers by Forcing them to log Specific Text then freezing them ☆22 Jul 30, 2022 Updated 3 years ago
- different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless) ☆204 Aug 2, 2023 Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique ☆76 Feb 15, 2023 Updated 3 years ago
- My collection of malware dev links ☆317 Feb 9, 2026 Updated 3 months ago
- miscellaneous scripts and programs ☆286 May 13, 2026 Updated last week
- Bypassing UAC with SSPI Datagram Contexts ☆468 Sep 24, 2023 Updated 2 years ago
- ☆10 Apr 19, 2026 Updated last month
- Tool for playing with Windows Access Token manipulation. ☆83 Nov 28, 2022 Updated 3 years ago
- ☆90 Jun 2, 2024 Updated last year
- random code snippets, useful for getting started ☆123 Nov 29, 2025 Updated 5 months ago
- Artemis - C++ Hell's Gate Syscall Implementation ☆34 Aug 16, 2023 Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 Feb 6, 2026 Updated 3 months ago
- Reflective DLL Injection with obfuscated (XOR) shellcode ☆72 Dec 13, 2020 Updated 5 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2 ☆295 Jul 15, 2023 Updated 2 years ago
- Find DLLs with RWX section ☆80 Jul 3, 2023 Updated 2 years ago
- This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp… ☆445 Aug 2, 2023 Updated 2 years ago
- Example of async client/server sockets in .NET 5 ☆17 Jun 9, 2021 Updated 4 years ago
- .NET assembly loader with patchless AMSI and ETW bypass ☆381 Apr 19, 2023 Updated 3 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆46 Jul 16, 2023 Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe ☆244 Nov 27, 2023 Updated 2 years ago
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low… ☆147 May 6, 2023 Updated 3 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆17 Sep 29, 2018 Updated 7 years ago
- My implementation of the GIUDA project in C++ ☆189 Jul 25, 2023 Updated 2 years ago