hideckies / malsrc
Collection of malware techniques for red teams.
☆48Updated this week
Alternatives and similar repositories for malsrc:
Users that are interested in malsrc are comparing it to the libraries listed below
- Threadless shellcode injection tool☆63Updated 8 months ago
- Create Anti-Copy DRM Malware☆55Updated 8 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆76Updated 2 weeks ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆62Updated last year
- ☆125Updated 7 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆63Updated 3 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆120Updated 6 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- A Mythic agent for Windows written in C☆119Updated this week
- Execute shellcode via Bluetooth device authentication☆38Updated 2 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- ApexLdr is a DLL Payload Loader written in C☆108Updated 9 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆32Updated last month
- ☆97Updated 7 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆136Updated last month
- Section-based payload obfuscation technique for x64☆59Updated 8 months ago
- A command and control framework.☆50Updated 4 months ago
- shell code example☆46Updated last week
- A simple Sleepmask BOF example☆98Updated 7 months ago
- A collection of position independent coding resources☆77Updated 2 months ago
- A BOF to enumerate system process, their protection levels, and more.☆115Updated 4 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆114Updated 3 months ago
- Windows Kernel Offensive Toolset☆120Updated 7 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated 11 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆76Updated 2 months ago
- PowerShell script to generate ShellCode in various formats☆41Updated 7 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆81Updated 6 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆151Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Updated last year
- ☆106Updated 2 months ago