nqntmqmqmb / xorPacker
A simple packer that works with all PE files and ciphers your exe with an XOR implementation
☆14 · Updated 4 years ago
Alternatives and similar repositories for xorPacker:
Users that are interested in xorPacker are comparing it to the libraries listed below
- Process Hollowing POC in CPP ☆15 · Updated 4 years ago
- Another Portable Executable files analysing stuff ☆20 · Updated 13 years ago
- A simple injector that uses LoadLibraryA ☆17 · Updated 4 years ago
- A C port of b33f's UrbanBishop ☆38 · Updated 4 years ago
- ☆15 · Updated 3 years ago
- Loads .NET Assembly Via CLR Loader ☆15 · Updated 5 years ago
- Remote PE reflective injection with a simple reflective loader ☆30 · Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆16 · Updated 6 years ago
- Recreating and reviewing the Windows persistence methods ☆37 · Updated 3 years ago
- ☆12 · Updated 4 years ago
- An example of COM hijacking using a proxy DLL. ☆25 · Updated 3 years ago
- Ransoblin (Ransomware Bokoblin) ☆17 · Updated 4 years ago
- My experience using Windows API for offensive purposes ☆17 · Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in the form of a .bin file based on x86 inline assembly ☆18 · Updated last year
- A more advanced free and open .NET obfuscator using dnlib. ☆10 · Updated 2 years ago
- DarkRats Standalone HVNC ☆24 · Updated 2 years ago
- A small commented POC for removing API hooks placed by AV/EDR. ☆33 · Updated 4 years ago
- Remove API hooks from a Beacon process. ☆13 · Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆38 · Updated 4 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example ☆13 · Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Updated 2 years ago
- x64 Registration-Free In-Process COM Automation Server. ☆48 · Updated 2 years ago
- Windows GPU rootkit PoC by Team Jellyfish ☆35 · Updated 9 years ago
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts ☆23 · Updated 6 years ago
- Listing UDP connections with remote address without sniffing. ☆30 · Updated last year
- ☆46 · Updated 3 years ago
- ☆15 · Updated 4 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class ☆25 · Updated last year
- ☆26 · Updated 3 months ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆25 · Updated 5 years ago