☆84Nov 21, 2024Updated last year
Alternatives and similar repositories for MalwareMorphology
Users that are interested in MalwareMorphology are comparing it to the libraries listed below
Sorting:
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- ☆17Jun 28, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆389Jul 30, 2024Updated last year
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆189Jun 30, 2023Updated 2 years ago
- Do some DLL SideLoading magic☆90Sep 20, 2023Updated 2 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- Privileger is a tool to work with Windows Privileges☆139Feb 7, 2023Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆249Jul 9, 2024Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- WNF Code Execution Library Using C#☆110May 18, 2020Updated 5 years ago
- Weaponized HellsGate/SigFlip☆203Jun 7, 2023Updated 2 years ago
- WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.☆150Jun 5, 2025Updated 8 months ago
- collection of apis used in malware development☆229Aug 2, 2022Updated 3 years ago
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆31Aug 16, 2023Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- Keep it secret, keep it safe☆78Feb 6, 2025Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- ☆118Aug 7, 2022Updated 3 years ago
- Basic interactive Windows kernel offensive toolkit written in C☆137Sep 20, 2025Updated 5 months ago
- CIS Benchmark testing of Windows SIEM configuration☆45May 25, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- Duplicate not owned Token from Running Process☆74Jul 21, 2023Updated 2 years ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.☆668Jun 14, 2023Updated 2 years ago
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆148May 6, 2023Updated 2 years ago
- Tools and PoCs for Windows syscall investigation.☆368Dec 2, 2025Updated 3 months ago
- ☆319Jun 28, 2023Updated 2 years ago
- ☆261May 9, 2024Updated last year
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆363Dec 19, 2022Updated 3 years ago
- ☆70Oct 30, 2023Updated 2 years ago
- ☆79Aug 2, 2023Updated 2 years ago