therealdreg / WinXPSP2.Cermalus
Malware WinXPSP2.Cermalus Windows Kernel Virus
☆15Updated last year
Related projects: ⓘ
- Proof of concept open source implementation of an UAC bypass exploit, based in 2 windows failures.☆12Updated 4 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 9 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage)☆39Updated last week
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- The Grum Spam Bot☆20Updated 9 years ago
- Bypass Antivm and Cuckoo Sandbox Techniques☆13Updated 7 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 6 years ago
- ☆23Updated this week
- ☆21Updated 3 years ago
- DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10☆49Updated 6 months ago
- Kernel mode windows NT API logger☆21Updated 5 years ago
- I was challenged by a friend to list all the processes and drivers in a system using more "unusual" methods. By doing this I learned quit…☆16Updated 8 years ago
- A DLL that performs IAT hooking☆26Updated 6 years ago
- A small utility to run raw code chunks in the executable memory area.☆14Updated 9 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 9 years ago
- Public open-source code of malware NetTraveler (aka TravNet).☆32Updated 9 years ago
- Ip Transmitter.☆7Updated 8 years ago
- Scanning and identifying XOR encrypted PE files in PE resources☆27Updated 10 years ago
- Class implementation of PowerLoader injection technique☆29Updated 7 years ago
- PoC for detecting and dumping process hollowing code injection☆50Updated 5 years ago
- Archive of ransomware decryptors☆29Updated 6 years ago
- ASProtect reverse engineering & analysis WinDbg extension☆20Updated 3 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 5 years ago
- Code Injector Using Code Caves☆14Updated 9 years ago
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- Kernel (Ring0) - SSDT unhook driver☆13Updated 6 years ago
- Simple tool for unpacking packed/protected malware executables.☆32Updated 12 years ago
- Malware monitor template based on MinHook☆16Updated 9 years ago
- Infects PE files with a shellcode☆15Updated 5 years ago