nqntmqmqmb / xorPackerLinks
A simple packer working with all PE files which cipher your exe with a XOR implementation
☆14Updated 5 years ago
Alternatives and similar repositories for xorPacker
Users that are interested in xorPacker are comparing it to the libraries listed below
Sorting:
- Malware persistence via COM DLL hijacking. C++ implementation example☆13Updated 3 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆40Updated 4 years ago
- ☆16Updated 4 years ago
- Process Hollowing POC in CPP☆18Updated 5 years ago
- Another Portable Executable files analysing stuff☆21Updated 14 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Updated 7 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Updated 3 years ago
- 💻 Windows 10 Kernel-mode rootkit☆32Updated 3 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 5 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- A Bumblebee-inspired Crypter☆78Updated 2 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆74Updated 4 years ago
- Collection of shellcode injection and execution techniques☆18Updated 2 months ago
- A simple injector that uses LoadLibraryA☆18Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- Process injection via KernelCallbackTable☆13Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Updated 3 years ago
- Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM☆63Updated 2 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 3 years ago
- ☆41Updated 4 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆20Updated 2 years ago
- NT AUTHORITY\SYSTEM☆42Updated 5 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆37Updated 10 years ago
- x64 Registration-Free In-Process COM Automation Server.☆50Updated 2 years ago
- A .NET binary loader that bypasses AMSI☆45Updated 4 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Updated 3 years ago
- Making Shellcode fully undetectable using uuid☆23Updated 4 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Updated 6 years ago