Embed an executable as a PE resource, drops and launches it in runtime.
☆64Sep 18, 2021Updated 4 years ago
Alternatives and similar repositories for Dropper
Users that are interested in Dropper are comparing it to the libraries listed below
Sorting:
- inject and run code into arbitrary process (x86 and x64)☆14Oct 20, 2021Updated 4 years ago
- VBA Macro obfuscator☆13Sep 20, 2020Updated 5 years ago
- A PowerShell script that simplifies life and therefore... phishing.☆20Aug 16, 2022Updated 3 years ago
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆53Sep 20, 2022Updated 3 years ago
- An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit☆24Jul 20, 2021Updated 4 years ago
- Download a .NET payload and run it on memory☆70Apr 12, 2019Updated 6 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Direct3D 9 to 11 sharing demo☆12Nov 30, 2018Updated 7 years ago
- ☆12Oct 29, 2021Updated 4 years ago
- Windows Defender Bypass for Cobalt Strike v4.0 Powershell Payload☆10Aug 29, 2020Updated 5 years ago
- A better way to write shell code☆10May 28, 2021Updated 4 years ago
- AdminX it's a Malware to execute process as some users from a Windows OS☆11May 4, 2023Updated 2 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 2 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆72Oct 7, 2022Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- It embeds the executable file or payload inside the zip/rar file. It can use two different methods. The first method embeds the executab…☆48May 28, 2022Updated 3 years ago
- Download a payload and make it run from registry without droppng.☆110Apr 9, 2019Updated 6 years ago
- A prototype malware C2 channel using x509 certificates over mTLS☆152Mar 15, 2024Updated last year
- ☆60Jan 9, 2023Updated 3 years ago
- C++ stealer (passwords, cookies, forms, cards, wallets)☆12Dec 6, 2022Updated 3 years ago
- PoC for Acronis Arbitrary File Read - CVE-2022-45451☆18Dec 20, 2022Updated 3 years ago
- ☆10Jun 11, 2022Updated 3 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- A dropper that decrypts encrypted xor payload and can inject it in explorer.exe proccess☆10Aug 1, 2021Updated 4 years ago
- Process Hollowing Packer☆29Sep 5, 2017Updated 8 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 3 months ago
- It bridges my research with a functional tool. I want to provide a safe, open-source framework for hackers to test evasion and for defend…☆282Jan 26, 2026Updated last month
- ☆26Sep 29, 2022Updated 3 years ago
- ☆12Apr 28, 2025Updated 10 months ago
- A automate link building tool perfect for front-end development☆13Oct 2, 2017Updated 8 years ago
- Just another repository for malware development☆13May 12, 2024Updated last year
- ☆12Aug 31, 2022Updated 3 years ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- MtE - MuTation Engine☆13Sep 4, 2022Updated 3 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- ☆90Jun 2, 2024Updated last year
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago