hideckies / malsrc
A collection of malware techniques.
☆46Updated this week
Alternatives and similar repositories for malsrc:
Users that are interested in malsrc are comparing it to the libraries listed below
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆62Updated 3 months ago
- A Mythic agent for Windows written in C☆104Updated this week
- Create Anti-Copy DRM Malware☆54Updated 7 months ago
- ApexLdr is a DLL Payload Loader written in C☆108Updated 8 months ago
- ☆121Updated last year
- ☆125Updated 7 months ago
- ☆95Updated 7 months ago
- Threadless shellcode injection tool☆62Updated 7 months ago
- Execute shellcode via Bluetooth device authentication☆35Updated last month
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆107Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆133Updated last week
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆60Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆118Updated 5 months ago
- Windows Thread Pool Injection Havoc Implementation☆28Updated last year
- ☆104Updated last month
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆83Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆118Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆93Updated last year
- ☆105Updated 2 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆79Updated 5 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 7 months ago
- ☆54Updated 5 months ago
- A BOF to enumerate system process, their protection levels, and more.☆115Updated 4 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆31Updated 3 weeks ago
- Section-based payload obfuscation technique for x64☆59Updated 7 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆47Updated 10 months ago
- Template-based generation of shellcode loaders☆77Updated 11 months ago