lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

Related projects ⓘ

Alternatives and complementary repositories for BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆28Updated 7 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆54Updated 2 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆47Updated 8 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆45Updated 6 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆58Updated 3 months ago
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆49Updated 3 months ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆51Updated 5 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆58Updated 4 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆65Updated 6 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆69Updated last month
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 3 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆51Updated 4 months ago
• ZERODETECTION / MSC_Dropper
  ☆125Updated 3 months ago
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆36Updated 4 months ago
• xforcered / VectoredExceptionHandling
  ☆27Updated 2 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆108Updated last year
• Octoberfest7 / enumhandles_BOF
  ☆116Updated 2 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆74Updated last year
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆37Updated 3 months ago
• safedv / Rustic64
  64-bit, position-independent implant template for Windows in Rust.
  ☆75Updated last month
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆37Updated 10 months ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆47Updated 3 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆58Updated 2 weeks ago
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆99Updated last year
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆39Updated last month
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆59Updated 3 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year