Starting Code for my How to Write Malware 101 Class. This is a Proof of Concept of a C# RAT (Remote Access Trojan) made by Sean Pierce (@secure_sean) to demonstrate to defenders the ease, speed, development goals, and characteristics of common malware. This is for educational use only.
☆21May 29, 2018Updated 7 years ago
Alternatives and similar repositories for EducationalRAT
Users that are interested in EducationalRAT are comparing it to the libraries listed below
Sorting:
- Tool for finding KPOT XOR key using known-plaintext attack.☆13Jun 9, 2020Updated 5 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- Go reverse shell for Win/Linux/OSX☆17May 15, 2019Updated 6 years ago
- Get a list of installed software in a safe manner☆11Aug 7, 2017Updated 8 years ago
- Collection of shellcode injection and execution techniques☆18Aug 21, 2025Updated 6 months ago
- ☆17Jul 26, 2018Updated 7 years ago
- Nano meterpreter shell based on TinyMet☆28Aug 27, 2016Updated 9 years ago
- WORK IN PROGRESS. RAT written in C++ using Win32 API☆19Sep 12, 2019Updated 6 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆62Apr 18, 2019Updated 6 years ago
- A shellcode generator with encryption, encoding and polymorphism facilities built-in☆34May 16, 2022Updated 3 years ago
- PowerShell script to help with privilege escalation on a compromised Windows box.☆23Mar 3, 2019Updated 6 years ago
- Several self-defense shellcodes☆23Jul 16, 2019Updated 6 years ago
- Automation Engine using the Covenant API and lua scripting☆24Dec 8, 2022Updated 3 years ago
- Windows Stagers to circumvent restrictive network environments☆69Sep 23, 2024Updated last year
- A PoC .net shell which uses a GitHub.com repository for the communication channel.☆11Oct 25, 2018Updated 7 years ago
- Solutions for various crackmes☆20Jan 13, 2013Updated 13 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Silent Cleanup UAC Bypass POC☆11Dec 15, 2019Updated 6 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- Telegram-based PowerShell Runspace Host☆11Dec 8, 2022Updated 3 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- ☆12Aug 5, 2015Updated 10 years ago
- Random code snippets☆11Oct 27, 2023Updated 2 years ago
- Take a list of URIs and print all the of the paths☆10Aug 16, 2020Updated 5 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- Exploit Research & Development - Ported Exploits☆11Jul 22, 2017Updated 8 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- Remote Administration Tool For Windows VB.NET☆12Mar 19, 2019Updated 6 years ago
- ImperiumRAT is an advanced remote administration tool with features like (Remote desktop, Disable CMD, Turn on/off webcam, and more!)☆12Dec 7, 2022Updated 3 years ago
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- ASLR Evasion, Egghunters, SEH Overwrites☆29Mar 6, 2021Updated 4 years ago
- Raw syscall implementations with Powershell☆30Sep 19, 2019Updated 6 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- Shellcode injection using debugging APIs☆19Jan 13, 2014Updated 12 years ago
- ☆19Mar 9, 2021Updated 4 years ago
- Matt's DFIR blog☆14Jul 28, 2025Updated 7 months ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Simple tool to check visual studio project files for Exec, PreBuildEvent and PostBuildEvent☆12Jun 17, 2020Updated 5 years ago
- An x64 binary executing code that's not inside of it.☆17Feb 28, 2023Updated 3 years ago