Small project looking into how we can build malware with zero imports by dynamically resolving Windows APIs using the GetProcAddress and GetModuleHandle APIs.
☆40 · Oct 26, 2023 · Updated 2 years ago
Alternatives and similar repositories for Zero-Import-Malware
Users that are interested in Zero-Import-Malware are comparing it to the libraries listed below.
- This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerSh… ☆14 · Jun 2, 2024 · Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆36 · Oct 31, 2023 · Updated 2 years ago
- Create a malicious pip package (PoC) ☆12 · Sep 14, 2023 · Updated 2 years ago
- Bypass the Event Trace Windows (ETW) and unhook ntdll. ☆116 · Sep 29, 2023 · Updated 2 years ago
- ☆89 · Jan 2, 2024 · Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆57 · Oct 10, 2022 · Updated 3 years ago
- Mass Reverse IP Lookup is a multithreaded tool to reverse IP lookup a list of IP addresses using yougetsignal.com. ☆21 · May 23, 2020 · Updated 5 years ago
- ☆48 · Feb 11, 2023 · Updated 3 years ago
- Classic Process Injection with Memory Evasion Techniques implementation ☆74 · Oct 28, 2023 · Updated 2 years ago
- 15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 o… ☆263 · Mar 27, 2026 · Updated last month
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆148 · Dec 16, 2023 · Updated 2 years ago
- ☆106 · Sep 12, 2024 · Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto… ☆14 · Apr 2, 2026 · Updated last month
- ☆16 · May 5, 2026 · Updated 2 weeks ago
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low… ☆147 · May 6, 2023 · Updated 3 years ago
- Yet Another Memory Analyzer for malware detection ☆24 · Aug 4, 2023 · Updated 2 years ago
- Templates for developing your own listeners and agents for AdaptixC2. ☆50 · Feb 28, 2026 · Updated 2 months ago
- A tool to assist DLL hijacking via the Havoc GUI ☆13 · Jan 9, 2024 · Updated 2 years ago
- A Python RCE exploit on QNAP-QTS ☆15 · Sep 15, 2020 · Updated 5 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep. ☆16 · Nov 1, 2023 · Updated 2 years ago
- Click Once + App Domain ☆67 · Feb 23, 2026 · Updated 2 months ago
- A GUI wrapper inside of Havoc to interact with bloodhound CE ☆71 · Feb 3, 2024 · Updated 2 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… ☆13 · May 20, 2023 · Updated 3 years ago
- ☆165 · Oct 25, 2023 · Updated 2 years ago
- PowerShell AV evasion: analysis and modification of Invoke-Obfuscation-Bypass ☆17 · Apr 13, 2023 · Updated 3 years ago
- ☆15 · Feb 12, 2023 · Updated 3 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su… ☆39 · Nov 16, 2023 · Updated 2 years ago
- ☆156 · Oct 2, 2023 · Updated 2 years ago
- PowerShell AV-evasion obfuscator, simple and effective. A simple and effective PowerShell obfuscation tool to bypass Anti-Virus ☆19 · Dec 2, 2022 · Updated 3 years ago
- ☆15 · Dec 12, 2023 · Updated 2 years ago
- Exploit for CVE-2023-47246 SysAid RCE (shell upload) ☆52 · Dec 7, 2023 · Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll ☆14 · Feb 4, 2022 · Updated 4 years ago
- PS-MOTW: PowerShell scripts to set / show / remove MOTW (Mark of the Web) ☆62 · Nov 16, 2023 · Updated 2 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆64 · Apr 4, 2026 · Updated last month
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8 ☆352 · Aug 29, 2024 · Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions ☆39 · Mar 17, 2025 · Updated last year
- REC2 (Rusty External Command and Control) is a client and server tool allowing an auditor to execute commands from VirusTotal and Mastodon APIs… ☆162 · Feb 22, 2024 · Updated 2 years ago
- ☆10 · Mar 27, 2022 · Updated 4 years ago
- ☆70 · Oct 30, 2023 · Updated 2 years ago