maezyn / dolos
Metamorphic engine written in Rust.
☆18 Updated 3 years ago
Alternatives and similar repositories for dolos
Users that are interested in dolos are comparing it to the libraries listed below
- simple user-mode Rootkit ☆107 Updated 3 years ago
- Various Process Injection Techniques ☆159 Updated 3 years ago
- [ARCHIVED] Early work on Abyss (Windows UEFI Bootkit). ☆44 Updated 2 months ago
- Process Injection using Thread Name ☆282 Updated 6 months ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆30 Updated 6 years ago
- WTSRM ☆215 Updated 3 years ago
- uefi diskless persistence technique + OVMF secureboot bypass ☆94 Updated last year
- A tutorial on how to write a packer for Windows! ☆295 Updated last year
- Admin to Kernel code execution using the KSecDD driver ☆258 Updated last year
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆238 Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques. ☆414 Updated last year
- Exploitable drivers, you know what I mean ☆153 Updated last month
- SysCaller: SDK for WindowsAPI via syscalls. Dynamic Resolution, Obfuscation, Multi-Language Bindings, & more! ☆49 Updated 2 weeks ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆351 Updated last year
- ☆265 Updated 2 years ago
- Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentiona… ☆159 Updated 2 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess) ☆532 Updated 7 months ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation ☆155 Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC. ☆189 Updated 2 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed. ☆192 Updated 3 months ago
- ☆47 Updated 2 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac… ☆236 Updated last year
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like ☆32 Updated 3 years ago
- Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used … ☆151 Updated 2 years ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆314 Updated last year
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls ☆214 Updated last year
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level … ☆161 Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆227 Updated 2 years ago
- A curated compilation of extensive resources dedicated to bootkit and rootkit development. ☆129 Updated 3 months ago
- Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis) ☆106 Updated 5 years ago