heikipikker / Ender-RatLinks
Remote Administration Tool For Windows
☆13Updated 7 years ago
Alternatives and similar repositories for Ender-Rat
Users that are interested in Ender-Rat are comparing it to the libraries listed below
Sorting:
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆19Updated 5 years ago
- Enumerate the DLLs/Modules using NtQueryVirtualMemory☆32Updated 10 years ago
- Maintain Windows Persistence with an evil Netshell Helper DLL☆12Updated 6 years ago
- PE Injection with ring3 hook bypass☆10Updated 4 years ago
- a open source rat from china☆26Updated 8 years ago
- Process Hollowing Packer☆26Updated 7 years ago
- Convert native dll to shellcode, and support exported function☆22Updated 4 years ago
- A kernel mode Windows rootkit in development.☆49Updated 3 years ago
- Windows Sandbox Framework☆38Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆17Updated 4 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆41Updated 4 years ago
- Process Hollowing demonstration & explanation☆35Updated 4 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18Updated 7 years ago
- TCP Asynchronous Socket - Remote Administration Tool☆10Updated 6 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆18Updated 3 years ago
- Add export function and convert exe to dll☆25Updated 4 years ago
- Only for research and learning, not for commercial and illegal use☆11Updated 5 years ago
- A tool is used to infected a shellcode to PE file, the shellcode is packed at compile time and unpacked at runtime☆13Updated 4 years ago
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines☆42Updated 2 years ago
- 从admin冲到TrustedInstaller☆17Updated 2 years ago
- Rebuild of the original Remote Admin Tool☆9Updated 5 years ago
- HTTPS GET RAT and Memory Loader☆25Updated last week
- exploit termdd.sys(support kb4499175)☆59Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆30Updated 3 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆27Updated 6 years ago
- A Proof-of-Concept win32 DLL that makes use of netbios session token replay to propagate through a Windows Domain☆25Updated 7 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆31Updated 4 years ago
- Loader and RunPE file executer☆17Updated 6 years ago
- The project was upgraded from https://coder.pub/ and supported VS2017. The original author wrote the detailed design ideas documentation…☆19Updated 7 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago