ring0-c0d3-br34k3r / RE-MA-Roadmap

Related projects: ⓘ

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆51Updated last month
• Maldev-Academy / CodeSearchDemo
  ☆36Updated 7 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆108Updated 3 months ago
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆23Updated 4 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆67Updated 6 months ago
• buzzer-re / Shinigami
  A dynamic unpacking tool
  ☆127Updated last year
• CaledoniaProject / drivers-binaries
  Exploitable drivers, you know what I mean
  ☆124Updated 5 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆170Updated last week
• deepinstinct / ShimMe
  ☆121Updated last month
• RtlDallas / vs-shellcode
  ☆55Updated this week
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆81Updated last year
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆66Updated 5 months ago
• Cracked5pider / CodeCave
  A bunch of scripts and code i wrote.
  ☆128Updated last month
• 7etsuo / Faronics-DeepFreeze-8-Exploit
  Full exploit chain for Faronics-DeepFreeze-8
  ☆3Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆45Updated 2 months ago
• eversinc33 / unKover
  PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory.
  ☆138Updated this week
• floesen / KExecDD
  Admin to Kernel code execution using the KSecDD driver
  ☆232Updated 5 months ago
• ghostpepper108 / Evasion
  ☆105Updated last year
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆167Updated last year
• lewiswigmore / Virus.xcheck
  Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…
  ☆43Updated 9 months ago
• blue0x1 / uac-bypass-oneliners
  Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio…
  ☆83Updated 11 months ago
• XaFF-XaFF / Kernel-Process-Hollowing
  Windows x64 kernel mode rootkit process hollowing POC.
  ☆180Updated last year
• exploits-forsale / 24h2-nt-exploit
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆99Updated 4 months ago
• imperva / frida-jit-unpacker
  The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.
  ☆52Updated 5 months ago
• pwnwithlove / C_revshell
  Basic reverse shell in C using socket() with complete explanation
  ☆64Updated last year
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆99Updated last week
• Nassim-Asrir / CVE-2023-36424
  Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
  ☆121Updated 5 months ago
• ViperXSecurity / lib-nosa
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆61Updated last week
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆52Updated last month
• RtlDallas / KrakenMask
  ☆204Updated this week