freakick22 / SpyAILinks
Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame
☆35Updated this week
Alternatives and similar repositories for SpyAI
Users that are interested in SpyAI are comparing it to the libraries listed below
Sorting:
- Exfiltrate data over audio output from remote desktop sessions - Covert channel PoC☆62Updated 9 months ago
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis☆66Updated last year
- Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75☆29Updated this week
- Vibe Malware Triage - MCP server for static PE analysis.☆68Updated 4 months ago
- Lena's scripts/code/resources for malware analysis☆26Updated last year
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆27Updated 5 months ago
- Easy peasy file uploads☆24Updated 3 weeks ago
- Parent Process ID Spoofing, coded in CGo.☆23Updated 5 months ago
- Make an Linux Kernel rootkit visible again.☆55Updated 6 months ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- ☆16Updated 4 months ago
- UAC Bypass using CMSTP in Rust☆32Updated 9 months ago
- ☆32Updated 6 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆34Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆50Updated 4 months ago
- ☆12Updated last year
- BlackHat Asia 2025 code and presentations☆18Updated 5 months ago
- BYOVD Technique Example using viragt64 driver☆53Updated last year
- The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.☆64Updated last year
- Scan strings or files for malware using the Windows Antimalware Scan Interface☆30Updated 2 years ago
- ☆29Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- ☆46Updated 2 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆38Updated 7 months ago
- A Payload Analysis Framework☆84Updated 2 months ago
- ☆34Updated 5 months ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆65Updated last year
- Backdooring VSCode Projects☆79Updated 3 months ago
- PfSense Stored XSS lead to Arbitrary Code Execution exploit☆47Updated 8 months ago