gelven4sec / NotPetyaAgain

Related projects: ⓘ

• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆79Updated last year
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆50Updated 3 months ago
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆81Updated last year
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆96Updated last year
• zimnyaa / insomnia
  a stage1 DLL loader with sleep obfuscation
  ☆32Updated last year
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆23Updated 4 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆30Updated 2 years ago
• PL-V / Firefox-Grabber
  Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users
  ☆42Updated last year
• ZeroMemoryEx / Overlord
  abusing Process Hacker driver to terminate other processes (BYOVD)
  ☆81Updated last year
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆56Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆131Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆36Updated 6 months ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆100Updated 11 months ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆22Updated 3 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆91Updated last year
• APT64 / KernelAVKiller
  Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running.
  ☆6Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆47Updated 2 years ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆22Updated last month
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆31Updated 2 years ago
• D1rkMtr / RecyclePersist
  ☆96Updated this week
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆34Updated 2 years ago
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆51Updated 2 years ago
• SaadAhla / VT-stealer
  VirusTotal Stealer is a DATA Exfiltration tool that exfitrate office documents and tunnel them over VirusTotal API to the Team Server
  ☆62Updated 11 months ago
• BlackHat-Ashura / Process_Ghosting
  Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…
  ☆14Updated 4 months ago
• EvaStanAccount / MalwareDev
  ☆15Updated 2 years ago
• brat-volk / EntomoLoader
  C++ Multi-Stage Semi-Polymorphic Malware Loader.
  ☆8Updated 2 years ago
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Updated last year
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆98Updated last year
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆120Updated last year