guitmz / nasty
Reverse text segment x64 ELF infector written in Assembly
☆19 Updated 3 years ago
Alternatives and similar repositories for nasty:
Users that are interested in nasty are comparing it to the libraries listed below
- Abusing exceptions for code execution. ☆108 Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption ☆9 Updated last year
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples ☆68 Updated 2 years ago
- In line function hooking LKM rootkit ☆51 Updated 4 years ago
- Helper idapython code for reversing kmdf drivers ☆71 Updated 2 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater). ☆86 Updated 3 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results. ☆33 Updated last year
- Binary Ninja plugin for interacting with the OALabs HashDB service ☆17 Updated 2 months ago
- Process Injection without R/W target memory and without creating a remote thread ☆19 Updated 2 years ago
- Ebfuscator: Abusing system errors for binary obfuscation ☆52 Updated 4 years ago
- Sample project for kernel debugging automation with Vagrant ☆59 Updated 4 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode. ☆73 Updated 3 years ago
- A code parser for C-style header files that lets you parse function prototypes and the data types used in their parameters. ☆93 Updated 2 years ago
- ☆25 Updated 2 months ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆71 Updated 3 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022) ☆69 Updated last year
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API. ☆96 Updated 4 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆39 Updated 4 years ago
- uefi diskless persistence technique + OVMF secureboot bypass ☆53 Updated 8 months ago
- A journal for $6,000 Riot Vanguard bounty. ☆59 Updated last year
- ☆90 Updated 4 years ago
- ☆65 Updated last year
- A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022 ☆106 Updated 2 years ago
- Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v… ☆52 Updated last year
- How to set up 2 VirtualBox VMs to debug a kernel driver using windbg ☆52 Updated 2 years ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware ☆45 Updated 2 years ago
- A fast execution trace symbolizer for Windows that runs on all major platforms and doesn't depend on any Microsoft libraries. ☆89 Updated 3 months ago
- An attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic. ☆86 Updated last year
- ☆158 Updated 3 years ago