lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
☆24Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
- Windows Thread Pool Injection Havoc Implementation☆28Updated 7 months ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 6 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆51Updated 4 months ago
- Construct the payload at runtime using an array of offsets☆58Updated 5 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- Template-based generation of shellcode loaders☆67Updated 7 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆55Updated 3 months ago
- Red Team Operation's Defense Evasion Technique.☆52Updated 5 months ago
- Just another C2 Redirector using CloudFlare.☆78Updated 6 months ago
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆82Updated 7 months ago
- ☆118Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆82Updated 5 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago
- ☆58Updated 11 months ago
- Lifetime AMSI bypass.☆36Updated 4 months ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆108Updated last year
- BOF for C2 framework☆40Updated last week
- stack spoofing☆53Updated this week
- Classic Process Injection with Memory Evasion Techniques implemantation☆63Updated last year
- Malware?☆70Updated last month
- Find DLLs with RWX section☆75Updated last year
- ☆126Updated 3 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆43Updated last year
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls☆104Updated 2 months ago
- Do some DLL SideLoading magic☆75Updated last year
- Evade EDR's the simple way, by not touching any of the API's they hook.☆49Updated 3 months ago
- ☆37Updated 3 weeks ago