tmenochet / XorPacker
Basic packer using XOR encryption
☆28 Updated 5 months ago
Related projects:
- (Sim)ulate (Ba)zar Loader ☆29 Updated 3 years ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code ☆33 Updated last week
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years. ☆63 Updated 6 years ago
- Recreating and reviewing the Windows persistence methods ☆39 Updated 2 years ago
- C++ implant that interfaces with a SK8PARK server ☆47 Updated 3 years ago
- A simple PoC to demonstrate that it is possible to write Non writable memory and execute Non executable memory on Windows ☆52 Updated 3 years ago
- A small commented POC for removing API hooks placed by AV/EDR. ☆33 Updated 4 years ago
- Proxy system calls over an RPC channel ☆96 Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++ ☆102 Updated 3 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast … ☆39 Updated 4 years ago
- Evasive Process Hollowing Techniques ☆132 Updated 4 years ago
- C++ function that will automagically unhook a specified Windows API ☆59 Updated 3 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writing the minidump to disk and exfiltrating it via HTTPS us… ☆68 Updated 3 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code. ☆98 Updated 2 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla… ☆119 Updated 2 years ago
- A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2 ☆134 Updated last year
- Injects shellcode into remote processes using direct syscalls ☆74 Updated 3 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯ ☆39 Updated 3 years ago
- Piece of code to detect and remove hooks in IAT ☆51 Updated 2 years ago
- Some simple process injection techniques targeting the Windows platform ☆30 Updated 4 years ago
- A simple COM server which provides a component to run shellcode ☆131 Updated 4 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7 ☆64 Updated 2 years ago
- NT AUTHORITY\SYSTEM ☆37 Updated 4 years ago
- File Write Weapon for Privilege Escalation To get SYSTEM ☆17 Updated 4 years ago
- Upsilon executes shellcode with syscalls - no API like NtProtectVirtualMemory is used ☆92 Updated 3 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell. ☆65 Updated 3 years ago