Code snippets for bare-metal malware development
☆98Feb 19, 2022Updated 4 years ago
Alternatives and similar repositories for BMJ
Users that are interested in BMJ are comparing it to the libraries listed below
Sorting:
- A framework for easy payloads development and deployment, collection of customizable XSS payloads☆26Feb 20, 2022Updated 4 years ago
- Classic Bofa adapted to CobaltStrike.☆11Oct 4, 2022Updated 3 years ago
- ☆676Mar 25, 2025Updated 11 months ago
- various slides and presentations I've worked on☆19Mar 21, 2025Updated last year
- Evasive ELF Static PIE User-Land-Exec featured in Tmpout Vol 1.☆29Sep 11, 2021Updated 4 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Predicting the probability of an exploit being released after a CVE is published (by Machine learning algorithm)☆13Aug 8, 2023Updated 2 years ago
- SPI flash read MitM attack PoC☆40May 24, 2022Updated 3 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆53Sep 4, 2021Updated 4 years ago
- ☆28Aug 10, 2019Updated 6 years ago
- ☆12Feb 23, 2015Updated 11 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- encrypted-linux-kernel-modules☆12Nov 4, 2020Updated 5 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆22Oct 6, 2021Updated 4 years ago
- Probably the first ELF binary infector ever created in Nim.☆28Jun 23, 2020Updated 5 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- ☆17Mar 25, 2019Updated 6 years ago
- Beacon Object Files.☆36Feb 26, 2024Updated 2 years ago
- Cross-platform malware development library for anti-analysis techniques☆25Jul 27, 2021Updated 4 years ago
- pwntools for go!☆12Jul 14, 2019Updated 6 years ago
- Proof-of-concept LLVM fork to speculatively inline objc_msgSend☆16Dec 11, 2022Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- Protocol Reverse Engineering Resources☆23May 10, 2023Updated 2 years ago
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆94Nov 5, 2021Updated 4 years ago
- PoC multi-layer protector for ELF32 x86 binaries☆12Feb 26, 2022Updated 4 years ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- this is Crytolocket Malware Domain Generation Algorithm (DGA). Cryptolocker uses DGA to generate 1000 to 10000 unique domain names for it…☆14Sep 5, 2016Updated 9 years ago
- Initial Commit of Coresploit☆57Oct 12, 2021Updated 4 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆37May 19, 2021Updated 4 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- Malware Development☆10Sep 30, 2020Updated 5 years ago
- Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypa…☆266Dec 6, 2025Updated 3 months ago
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆112Apr 8, 2020Updated 5 years ago
- yet another hidden LKM hunter☆32Sep 18, 2025Updated 6 months ago
- ROP-Gadget finder in Rust☆17Feb 2, 2018Updated 8 years ago
- A list of all the DLLs export in C:\windows\system32\☆221Dec 22, 2021Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago