guitmz / nastyLinks
Reverse text segment x64 ELF infector written in Assembly
☆20Updated 3 years ago
Alternatives and similar repositories for nasty
Users that are interested in nasty are comparing it to the libraries listed below
Sorting:
- In line function hooking LKM rootkit☆52Updated 5 years ago
- Abusing exceptions for code execution.☆111Updated 2 years ago
- A PE parser written in C++ which does not uses OOP. Helpful if you want to learn about PE parsing.☆18Updated 2 years ago
- An example of hijacking the dynamic linker with a custom interpreter who loads and executes modular viruses☆67Updated 3 years ago
- Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.☆75Updated 3 years ago
- ☆71Updated 2 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆125Updated 6 months ago
- ☆163Updated 3 years ago
- How to set up 2 VirtualBox VM to debug kernel driver using windbg☆55Updated 3 years ago
- POC of a better implementation of GetProcAddress for ntdll using binary search☆109Updated last year
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆71Updated 3 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- Small visualizator for PE files☆69Updated last year
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆73Updated 2 years ago
- Windows Kernel Programming Experiments☆80Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆114Updated 4 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Updated 2 years ago
- MalUnpack companion driver☆98Updated last year
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 5 years ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆91Updated 4 years ago
- Windows API Hashes used in the malwares☆42Updated 10 years ago
- Do you want to use x64dbg instead of immunity debugger? oscp eCPPTv2 buffer overflow exploits pocs☆88Updated last year
- TrashDBG the world's worse debugger☆23Updated 3 years ago
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆93Updated 3 years ago
- An ELF / PE binary packer written in pure C, made for fun☆97Updated last year
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆30Updated 5 years ago
- Process Injection without R/W target memory and without creating a remote thread☆19Updated 3 years ago
- C# implementation to produce ROR-13 numeric hash for given function API name☆33Updated 6 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- Recon 2023 slides and code☆79Updated 2 years ago