marcusbotacin / Dropper
Embeds an executable as a PE resource, then drops and launches it at runtime.
☆58 Updated 3 years ago
Alternatives and similar repositories for Dropper:
Users that are interested in Dropper are comparing it to the libraries listed below
- Standalone Metasploit-like XOR encoder for shellcode ☆48 Updated 11 months ago
- 64bit Windows 10 shellcode dat pops dat calc - Dynamic & Null Free ☆61 Updated 2 years ago
- Compile shellcode into an exe file from Windows or Linux. ☆67 Updated 4 years ago
- API Hammering with C++20 ☆46 Updated 2 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… ☆106 Updated 2 months ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping ☆54 Updated 2 years ago
- Red Team Operation's Defense Evasion Technique. ☆53 Updated 10 months ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆123 Updated 2 years ago
- Bypass Malware Time Delays ☆101 Updated 2 years ago
- Enable / Disable LSA Protection via BYOVD ☆67 Updated 3 years ago
- Finding secrets in kernel and user memory ☆115 Updated last year
- The AMSI server for Avred ☆29 Updated last year
- Splitting and executing shellcode across multiple pages ☆100 Updated last year
- A Bumblebee-inspired Crypter ☆80 Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆69 Updated last year
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like ☆32 Updated 3 years ago
- Nim process hollowing loader ☆57 Updated 8 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process ☆88 Updated 2 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 Updated last year
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆99 Updated last year
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit ☆39 Updated last year
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH ☆48 Updated 3 years ago
- Experiment on reproducing Obfuscate & Sleep ☆144 Updated 4 years ago
- A PoC on blocking Procmon from monitoring network events ☆101 Updated 2 years ago
- Detect strange memory regions and DLLs ☆183 Updated 3 years ago