hasherezade / hidden_bee_tools
Parser for a custom executable format from Hidden Bee malware (first stage)
☆39Updated this week
Related projects: ⓘ
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 9 years ago
- ☆40Updated this week
- ☆21Updated 3 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- NT AUTHORITY\SYSTEM☆37Updated 4 years ago
- A ready-made template for a project based on libpeconv.☆40Updated last year
- ☆22Updated 4 years ago
- Kernel mode windows NT API logger☆21Updated 5 years ago
- ☆11Updated this week
- ☆31Updated 4 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- Antivirus Emulator Fingerprints☆25Updated 5 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 5 years ago
- Remote PE reflective injection with a simple reflective loader☆28Updated 5 years ago
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- ☆12Updated this week
- ☆27Updated this week
- Clone running process with ZwCreateProcess☆58Updated 3 years ago
- ☆19Updated this week
- A set of small utilities, helpers for PIN tracers☆31Updated 11 months ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆65Updated 3 years ago
- PoC for detecting and dumping process hollowing code injection☆50Updated 5 years ago
- ☆44Updated this week
- Sysmon shenanigans☆65Updated 3 years ago
- Example for PagedOut!☆24Updated 4 years ago
- Infects PE files with a shellcode☆15Updated 5 years ago
- Reflective DLL Injection style process infector☆19Updated 6 years ago
- ☆48Updated 4 years ago