This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/
☆201 · Jul 21, 2020 · Updated 5 years ago
Alternatives and similar repositories for 0xdarkvortex-MalwareDevelopment
Users that are interested in 0xdarkvortex-MalwareDevelopment are comparing it to the libraries listed below
- This repo contains all the code that will be referred to at https://scriptdotsh.com by Paranoid Ninja ☆47 · Jul 21, 2020 · Updated 5 years ago
- ☆24 · Sep 26, 2021 · Updated 4 years ago
- Techniques that I have used to evade anti-virus during pen tests. ☆13 · May 29, 2018 · Updated 7 years ago
- A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 ☆139 · Jan 5, 2023 · Updated 3 years ago
- This repo basically contains the code that was mentioned in the blog posts that were written by me at: ☆97 · Dec 19, 2022 · Updated 3 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit) ☆16 · Sep 4, 2020 · Updated 5 years ago
- TartarusGate, Bypassing EDRs ☆653 · Jan 25, 2022 · Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware ☆42 · Jul 23, 2020 · Updated 5 years ago
- A simple implant showcasing modern C++ ☆108 · Dec 6, 2020 · Updated 5 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚. ☆185 · Feb 11, 2021 · Updated 5 years ago
- ☆51 · Sep 18, 2020 · Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load(). ☆219 · Mar 5, 2020 · Updated 5 years ago
- dem sharp donuts ☆202 · Sep 11, 2022 · Updated 3 years ago
- ☆71 · Nov 20, 2020 · Updated 5 years ago
- ☆48 · Mar 19, 2020 · Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1 ☆54 · Jul 11, 2021 · Updated 4 years ago
- KaynLdr is a Reflective Loader written in C/ASM ☆555 · Dec 3, 2023 · Updated 2 years ago
- Evading WinDefender ATP credential-theft ☆255 · Dec 2, 2019 · Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered. ☆192 · Mar 26, 2020 · Updated 5 years ago
- MSBuild without MSbuild.exe ☆135 · Dec 21, 2020 · Updated 5 years ago
- ☆53 · Oct 20, 2020 · Updated 5 years ago
- ☆12 · Aug 10, 2019 · Updated 6 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post ☆129 · May 25, 2021 · Updated 4 years ago
- An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR ☆2,323 · Dec 6, 2023 · Updated 2 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoofs the Parent Process. ☆158 · Jun 10, 2019 · Updated 6 years ago
- My collection of malware dev links ☆308 · Feb 9, 2026 · Updated 3 weeks ago
- Red Team Operator: Malware Development Essentials Course ☆100 · Jun 18, 2020 · Updated 5 years ago
- Find kernel32 base and API addresses. Simple C++ implementation ☆23 · Apr 7, 2022 · Updated 3 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode ☆2,503 · Nov 15, 2023 · Updated 2 years ago
- ☆99 · Sep 20, 2021 · Updated 4 years ago
- Process Injection ☆766 · Oct 24, 2021 · Updated 4 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon ☆10 · Nov 19, 2020 · Updated 5 years ago
- Organized list of my malware development resources ☆1,701 · May 16, 2022 · Updated 3 years ago
- ☆23 · May 28, 2021 · Updated 4 years ago
- Penetration Test / Red Team - C# tools repository ☆55 · Dec 23, 2021 · Updated 4 years ago
- Also known by Microsoft as Knifecoat ☆1,153 · Dec 22, 2022 · Updated 3 years ago
- An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting… ☆1,092 · Jun 17, 2022 · Updated 3 years ago
- LSASS memory dumper using direct system calls and API unhooking. ☆1,576 · Jan 5, 2021 · Updated 5 years ago
- PoC for hiding PE exports ☆67 · Dec 19, 2020 · Updated 5 years ago