hasherezade / hidden_bee_toolsLinks
Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware
☆54Updated 2 weeks ago
Alternatives and similar repositories for hidden_bee_tools
Users that are interested in hidden_bee_tools are comparing it to the libraries listed below
Sorting:
- Windows GPU rootkit PoC by Team Jellyfish☆36Updated 10 years ago
- NT AUTHORITY\SYSTEM☆38Updated 5 years ago
- A small library helping to parse commandline parameters (for C/C++)☆57Updated 2 months ago
- Sysmon shenanigans☆66Updated 4 years ago
- ☆22Updated 4 years ago
- Exploits I've authored☆60Updated 6 years ago
- A set of small utilities, helpers for PIN tracers☆32Updated last year
- Small visualizator for PE files☆69Updated last year
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 5 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 4 years ago
- ☆36Updated 6 years ago
- ☆22Updated 5 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- ☆31Updated 5 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Fileless persistence, attacks and anti-forensic capabilties.☆93Updated 6 years ago
- PoC designed to evade userland-hooking anti-virus.☆89Updated 6 years ago
- Simple PE Packer Which Encrypts .text Section☆50Updated 8 years ago
- Process Hollowing demonstration & explanation☆33Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆65Updated 7 years ago
- A ready-made template for a project based on libpeconv.☆50Updated 6 months ago
- Remote PE reflective injection with a simple reflective loader☆32Updated 6 years ago
- ☆36Updated 3 years ago
- Antivirus Emulator Fingerprints☆29Updated 6 years ago
- Neutralize KEPServerEX anti-debugging techniques☆32Updated 2 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- Process Injection without R/W target memory and without creating a remote thread☆19Updated 3 years ago