hideckies / malsrc

Related projects ⓘ

Alternatives and complementary repositories for malsrc

• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆21Updated last year
• dis0rder0x00 / ParentProcessManipulation-LNK
  Using LNK files and user input simulation to start processes under explorer.exe
  ☆23Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆58Updated 3 months ago
• NtDallas / Fenrir
  stack spoofing
  ☆53Updated this week
• WKL-Sec / StackMask
  A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
  ☆55Updated last year
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆75Updated 3 weeks ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆39Updated 11 months ago
• parzel / GoSleepyCrypt
  In-memory sleep encryption and heap encryption for Go applications through a shellcode function.
  ☆39Updated 10 months ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆37Updated 10 months ago
• Yair-Men / Passenger
  ProcExp Driver (Ab)use
  ☆20Updated last year
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆60Updated 3 months ago
• Mav3rick33 / ZenLdr
  Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
  ☆95Updated last year
• ShorSec / DllNotificationInjection
  A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…
  ☆19Updated last year
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆63Updated last year
• Teach2Breach / dll2shell
  convert compatible dlls to shellcode with sRDI. I don't remember where this came from, so if you recognize the code, let me know and I'll…
  ☆12Updated 7 months ago
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆37Updated 2 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆22Updated 2 months ago
• NioZow / bof-collection
  ☆20Updated 3 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆36Updated 3 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated last week
• EricEsquivel / OpsLoader
  A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader
  ☆17Updated last month
• zimnyaa / PhaseDive
  Sleep Obfuscation
  ☆41Updated 2 years ago
• b4rth0v5k1 / EarlyBirdNTDLL
  ☆34Updated last year
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆37Updated 6 months ago
• c3r3br4t3 / ShadowRDP
  ☆62Updated 9 months ago
• ScriptIdiot / sleepmask_PatchlessHook
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆78Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• fin3ss3g0d / HookFinder
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆32Updated last year