lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

Related projects ⓘ

Alternatives and complementary repositories for BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero

• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆28Updated 7 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆58Updated 3 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆46Updated 6 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆51Updated 4 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆58Updated 5 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆47Updated 8 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆67Updated 7 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆55Updated 3 months ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆52Updated 5 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆78Updated 6 months ago
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆82Updated 7 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆82Updated 5 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 4 months ago
• Bl4ckM1rror / PEAs
  ☆58Updated 11 months ago
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆36Updated 4 months ago
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆108Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated last week
• NtDallas / Fenrir
  stack spoofing
  ☆53Updated this week
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆63Updated last year
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated last month
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆75Updated last year
• ZERODETECTION / MSC_Dropper
  ☆126Updated 3 months ago
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆43Updated last year
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆104Updated 2 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆75Updated last year
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆49Updated 3 months ago
• HulkOperator / AuthStager
  ☆37Updated 3 weeks ago