An example of Windows self-replicating malware.
☆11Jan 16, 2023Updated 3 years ago
Alternatives and similar repositories for Alcatraz
Users that are interested in Alcatraz are comparing it to the libraries listed below
Sorting:
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- ☆12Sep 13, 2023Updated 2 years ago
- Reproducing the SkeletonKey malware.☆11Apr 6, 2024Updated last year
- Python package to download all images in markdown files and rename the links to point to the local files.☆19Feb 8, 2026Updated last month
- My software engineering notes.☆24Nov 12, 2025Updated 4 months ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Attacking the cleanup_module function of a kernel module☆56Jun 30, 2025Updated 8 months ago
- Threat Intelligence Sharing Platform��☆12Mar 13, 2026Updated last week
- A PoC of a privilege escalation vulnerability in the Realtek rtkio64 Windows driver.☆20Jul 6, 2020Updated 5 years ago
- Pentest report framework without data send☆19Sep 23, 2025Updated 5 months ago
- Windows Explorer application written in assembly☆15Jun 15, 2023Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- macOS dylib stager☆36Jan 22, 2025Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Get windows CPU temperature with WinRing0 driver and library☆25Jan 10, 2019Updated 7 years ago
- Pure Go lang cryptor and shellcode injector☆20Feb 25, 2021Updated 5 years ago
- Automated Persistence and Lateral Movement using GCP Patch Management☆16Aug 11, 2022Updated 3 years ago
- ☆15Aug 12, 2024Updated last year
- My personal shellcode loader☆32Mar 9, 2023Updated 3 years ago
- bring your own vulnerable driver☆115May 17, 2023Updated 2 years ago
- An implementation of the Process Hollowing technique.☆16Dec 13, 2020Updated 5 years ago
- Utilities to handle Windows OS shutdown events☆30Feb 23, 2017Updated 9 years ago
- Sharing mouse and keyboard Between Windows and other OS.☆11Jul 6, 2020Updated 5 years ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆106Dec 26, 2024Updated last year
- Build a Windows VM on VMWare ESXi, vCenter or vSphere from scratch 100% automated with Ansible.☆14Feb 10, 2025Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 9 months ago
- Async rust support for the reverse-engineered Crowdstrike Falcon protocol between the Sensor and cloud services☆17Mar 10, 2023Updated 3 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆23Sep 15, 2023Updated 2 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Assembly block for hooking windows API functions.☆94Jul 16, 2019Updated 6 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆38Mar 25, 2024Updated last year
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- ProcExp Driver (Ab)use☆22Dec 28, 2022Updated 3 years ago
- Playing with LLVM passes☆40Aug 17, 2023Updated 2 years ago
- PoC exploit for HP Hardware Diagnostic's EtdSupp driver☆51May 13, 2023Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year