gelven4sec / NotPetyaAgain
PoC of a UEFI Petya ransomware
☆37 · Updated last year
Related projects:
- A Bumblebee-inspired Crypter ☆79 · Updated last year
- Red Team Operation's Defense Evasion Technique. ☆50 · Updated 3 months ago
- An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic. ☆81 · Updated last year
- Bypass Malware Time Delays ☆96 · Updated last year
- a stage1 DLL loader with sleep obfuscation ☆32 · Updated last year
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆23 · Updated 4 years ago
- 💻 Windows 10 Kernel-mode rootkit ☆30 · Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users ☆42 · Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD) ☆81 · Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot ☆56 · Updated last year
- Your NTDLL vaccine from modern direct syscall methods. ☆35 · Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin. ☆131 · Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆36 · Updated 6 months ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation. ☆100 · Updated 11 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis) ☆22 · Updated 3 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆91 · Updated last year
- Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running. ☆6 · Updated last year
- using the gpu to hide your payload ☆47 · Updated 2 years ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆22 · Updated last month
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like ☆31 · Updated 2 years ago
- ☆96 · Updated this week
- API Hammering with C++20 ☆34 · Updated 2 years ago
- Piece of code to detect and remove hooks in IAT ☆51 · Updated 2 years ago
- VirusTotal Stealer is a DATA Exfiltration tool that exfiltrates office documents and tunnels them over VirusTotal API to the Team Server ☆62 · Updated 11 months ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by… ☆14 · Updated 4 months ago
- ☆15 · Updated 2 years ago
- C++ Multi-Stage Semi-Polymorphic Malware Loader. ☆8 · Updated 2 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10 ☆37 · Updated last year
- Splitting and executing shellcode across multiple pages ☆98 · Updated last year
- It's pointy and it hurts! ☆120 · Updated last year