☆136Jun 28, 2023Updated 3 years ago
Alternatives and similar repositories for Malware_learns
Users that are interested in Malware_learns are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆56Mar 25, 2024Updated 2 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- It stinks☆102Apr 22, 2022Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 4 years ago
- A simple program to hook the current process to identify the manual syscall executions on windows☆267Nov 18, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- ☆23May 28, 2021Updated 5 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆511Feb 3, 2022Updated 4 years ago
- POC for frustrating/defeating Malware Analysts☆155Jun 12, 2022Updated 4 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender☆236Apr 12, 2022Updated 4 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- A bunch of scripts and code i wrote.☆153Nov 7, 2024Updated last year
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Jun 2, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆538Aug 1, 2022Updated 3 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆259Jul 7, 2022Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆104Jan 7, 2022Updated 4 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Oct 1, 2021Updated 4 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆48Dec 31, 2021Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆89Apr 11, 2023Updated 3 years ago
- Hookers are cooler than patches.☆171Jan 21, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- My implementation of Halo's Gate technique in C#☆55Apr 20, 2022Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 4 years ago
- Patching AmsiOpenSession by forcing an error branching☆154Aug 2, 2023Updated 2 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆114Dec 26, 2021Updated 4 years ago
- Process Ghosting in C#☆221Jan 24, 2022Updated 4 years ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆759Nov 16, 2021Updated 4 years ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,506Dec 21, 2023Updated 2 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆135Jan 2, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Overwrite a process's recovery callback and execute with WER☆104Apr 17, 2022Updated 4 years ago
- collection of apis used in malware development☆231Aug 2, 2022Updated 3 years ago
- Experiment on reproducing Obfuscate & Sleep☆163Mar 14, 2021Updated 5 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆327Jun 18, 2023Updated 3 years ago
- ☆783Oct 17, 2023Updated 2 years ago
- A Nim implementation of reflective PE-Loading from memory☆298Sep 5, 2024Updated last year
- Various ways to execute shellcode☆511Mar 13, 2024Updated 2 years ago