mgeeky / PEInfoLinks
Another Portable Executable files analysing stuff
☆21Updated 14 years ago
Alternatives and similar repositories for PEInfo
Users that are interested in PEInfo are comparing it to the libraries listed below
Sorting:
- Just another casual shellcode native loader☆24Updated 3 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆16Updated 7 years ago
- A simple PE loader.☆27Updated 2 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆12Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- ☆15Updated 2 years ago
- NT AUTHORITY\SYSTEM☆42Updated 5 years ago
- PoC code from blog☆16Updated 5 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆23Updated 6 months ago
- A C port of b33f's UrbanBishop☆38Updated 5 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 3 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆19Updated 3 years ago
- Remove API hooks from a Beacon process.☆14Updated 4 years ago
- ☆48Updated 4 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆37Updated 10 years ago
- A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…☆16Updated 3 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 5 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆15Updated 5 years ago
- Simple and sane cryptographic wrapper library.☆27Updated 2 years ago
- Rasta's mouse AMSI patch but with function that makes it undetectable.☆13Updated 4 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 4 years ago
- C# project to Reflectively load .Net assemblies in memory☆18Updated last year
- The repository accompanying the Buer Emulation workshop☆23Updated 4 years ago
- ☆30Updated 2 months ago
- ☆11Updated 6 years ago
- Manually perform syscalls without going through any external API or DLL.☆19Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 3 years ago