Alternatives and similar repositories for Malware_learns:

Users that are interested in Malware_learns are comparing it to the libraries listed below

• rad9800 / misc
  miscellaneous scripts and programs
  ☆234Updated 3 weeks ago
• rad9800 / WTSRM
  WTSRM
  ☆207Updated 2 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low
  Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…
  ☆133Updated last year
• LloydLabs / shellcode-plain-sight
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆196Updated 2 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆264Updated last year
• Cracked5pider / CoffeeLdr
  Beacon Object File Loader
  ☆282Updated last year
• xalicex / Killers
  Exploitation of process killer drivers
  ☆196Updated last year
• S3cur3Th1sSh1t / Ruy-Lopez
  ☆297Updated last year
• VirtualAlllocEx / Payload-Download-Cradles
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆256Updated 2 years ago
• waldo-irc / MalMemDetect
  Detect strange memory regions and DLLs
  ☆177Updated 3 years ago
• kleiton0x00 / Proxy-DLL-Loads
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆333Updated last week
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆250Updated last year
• itm4n / PPLmedic
  Dump the memory of any PPL with a Userland exploit chain
  ☆332Updated last year
• Bw3ll / ShellWasp
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆165Updated last year
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆306Updated last year
• OccamsXor / Dragnmove
  Infect Shared Files In Memory for Lateral Movement
  ☆193Updated 2 years ago
• NUL0x4C / NoRunPI
  Run Your Payload Without Running Your Payload
  ☆180Updated 2 years ago
• Maldev-Academy / HellHall
  Performing Indirect Clean Syscalls
  ☆514Updated last year
• thefLink / DeepSleep
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆352Updated 2 years ago
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆250Updated 8 months ago
• sensepost / mydumbedr
  ☆112Updated last year
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆225Updated 2 months ago
• Maldev-Academy / EntropyReducer
  Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists
  ☆412Updated last year
• NUL0x4C / APCLdr
  Payload Loader With Evasion Features
  ☆314Updated 2 years ago
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆143Updated last year
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆134Updated 3 months ago
• MythicAgents / Athena
  ☆191Updated last week
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆374Updated 6 months ago
• sailay1996 / CdpSvcLPE
  Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
  ☆252Updated 2 years ago