Stuff discovered while analyzing the malware hidden in xz-utils 5.6.0 and 5.6.1 (☆59, Jun 12, 2024, updated last year)
Alternatives and similar repositories for xz-malware
Users that are interested in xz-malware are comparing it to the libraries listed below
- XZ Backdoor Extract (Test on Ubuntu 23.10) (☆17, Apr 2, 2024, updated last year)
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja (☆11, Jul 24, 2024, updated last year)
- not-so-private-relay (☆14, Feb 21, 2025, updated last year)
- Silent Cleanup UAC Bypass POC (☆11, Dec 15, 2019, updated 6 years ago)
- Terraform provider for command execution (☆12, Mar 16, 2020, updated 5 years ago)
- (no description) (☆30, Aug 24, 2025, updated 6 months ago)
- (no description) (☆31, Dec 5, 2024, updated last year)
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… (☆13, May 20, 2023, updated 2 years ago)
- (no description) (☆20, Mar 15, 2023, updated 2 years ago)
- Ransoblin (Ransomware Bokoblin) (☆18, Oct 4, 2020, updated 5 years ago)
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits) (☆22, Jan 2, 2026, updated 2 months ago)
- A tool to generate macOS initial access vectors using Prelude Operator payloads (☆18, May 25, 2022, updated 3 years ago)
- (no description) (☆16, Apr 7, 2023, updated 2 years ago)
- Remote Thread Injection by C# + Delegate Techniques (☆12, Jun 6, 2023, updated 2 years ago)
- WebKit/JSC CodeQL Databases (☆17, Dec 15, 2025, updated 2 months ago)
- Play with libmalloc (☆17, Jan 2, 2024, updated 2 years ago)
- (no description) (☆16, Sep 23, 2021, updated 4 years ago)
- (no description) (☆23, Feb 28, 2026, updated last week)
- Source files for my posts (☆17, Jun 20, 2023, updated 2 years ago)
- (no description) (☆25, May 21, 2021, updated 4 years ago)
- PoC code and tools for Black Hat USA 2024 (☆24, Aug 1, 2024, updated last year)
- My collection of PoCs (☆26, Nov 9, 2023, updated 2 years ago)
- A not-curated list of cloud hacking labs (☆26, Apr 18, 2024, updated last year)
- A POC for Windows Extension Host hooking (☆24, Jul 13, 2019, updated 6 years ago)
- Repository of vulnerabilities disclosed by ESET (☆29, Jul 13, 2022, updated 3 years ago)
- Writeup for BKP 2017 challenge "SIDH-RSA-AES128-GCM-SHA256" (☆26, Feb 27, 2017, updated 9 years ago)
- A Canary which fires when uninstalled (☆34, Mar 16, 2021, updated 4 years ago)
- Runtime SMM module loader (☆37, Jan 12, 2023, updated 3 years ago)
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o… (☆95, Feb 14, 2026, updated 3 weeks ago)
- Disk based DMA for ATA and SCSI (☆42, Sep 22, 2023, updated 2 years ago)
- PoC code for CVE-2024-38080 (☆30, Sep 1, 2024, updated last year)
- appieSniper is a python program to get notifications on overblijvers at nearby Albert Heijn supermarkets, this way you can claim you pack… (☆11, Jun 10, 2025, updated 8 months ago)
- Reverse Engineering 101 training from our Vulnerability Researcher Development Program (VRDP) (☆66, Jan 13, 2026, updated last month)
- Taking advantage of CRT initialization to get away with hooking protected applications (☆48, Nov 2, 2022, updated 3 years ago)
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP (☆37, Jul 27, 2021, updated 4 years ago)
- Another UEFI runtime bootkit (☆37, May 8, 2023, updated 2 years ago)
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/ (☆41, Jul 22, 2021, updated 4 years ago)
- C# Situational Awareness Script (☆34, Apr 26, 2019, updated 6 years ago)
- Unchain AMSI by patching the provider's unmonitored memory space (☆91, Nov 24, 2022, updated 3 years ago)