hfiref0x / ZeroAccess

Related projects: ⓘ

• MalwareTech / FakeMBR
  TDL4 style rootkit to spoof read/write requests to master boot record
  ☆126Updated 6 years ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆286Updated last month
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆356Updated 7 years ago
• nyx0 / Rovnix
  Rovnix Bootkit
  ☆120Updated 9 years ago
• nyx0 / Carberp
  Carberp Banking Trojan
  ☆110Updated 9 years ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆484Updated 6 years ago
• nyx0 / Tinba
  Tinba Banking Trojan
  ☆82Updated 9 years ago
• hasherezade / chimera_pe
  ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…
  ☆218Updated last year
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆317Updated 7 years ago
• Spajed / processrefund
  An attempt at Process Doppelgänging
  ☆183Updated 6 years ago
• gpoulios / ROPInjector
  Patching ROP-encoded shellcodes into PEs
  ☆180Updated 6 years ago
• hzphreak / VMInjector
  DLL Injection tool to unlock guest VMs
  ☆231Updated 11 years ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆266Updated 6 years ago
• fdiskyou / www.rootkit.com
  ☆126Updated this week
• Professor-plum / Reflective-Driver-Loader
  ☆390Updated 7 years ago
• dismantl / ImprovedReflectiveDLLInjection
  An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security
  ☆315Updated 7 years ago
• shahriyarj / DriveCrypt
  ☆89Updated this week
• HexHive / malWASH
  ☆112Updated 8 years ago
• hasherezade / snippets
  ☆103Updated this week
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆350Updated 9 years ago
• hryuk / Carberp
  ☆518Updated 6 years ago
• kgretzky / python-x86-obfuscator
  This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
  ☆226Updated 8 years ago
• Cn33liz / TpmInitUACBypass
  ☆135Updated this week
• BorjaMerino / Pazuzu
  Pazuzu: Reflective DLL to run binaries from memory
  ☆210Updated 4 years ago
• MalwareTech / TinyXPB
  Windows XP 32-Bit Bootkit
  ☆139Updated 9 years ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆175Updated 6 years ago
• EgeBalci / Cminer
  Cminer is a tool for enumerating the code caves in PE files.
  ☆139Updated last year
• hackedteam / scout-win
  Scout backdoor for Windows
  ☆117Updated 9 years ago
• WithSecureLabs / doublepulsar-usermode-injector
  A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use…
  ☆114Updated 7 years ago
• ivildeed / vmw_vmx_overloader
  Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw
  ☆135Updated 7 years ago