trevorsaudi / Zero-Import-Malware
Small project looking into how we can build malware with zero imports by dynamically resolving Windows APIs using the GetProcAddress and GetModuleHandle Windows APIs.
☆36 · Updated 10 months ago
Related projects:
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… ☆57 · Updated last year
- A repository with my code snippets for research/education purposes. ☆51 · Updated last year
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆41 · Updated last year
- A variety of tools, scripts and techniques developed and shared with different programming languages by 0xsp Lab ☆55 · Updated 5 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆39 · Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL ☆38 · Updated 3 months ago
- Duplicate not owned Token from Running Process ☆72 · Updated last year
- Create Anti-Copy DRM Malware ☆36 · Updated last month
- Winsocket for Cobalt Strike. ☆96 · Updated last year
- PhantomsGate: Advanced Shellcode Injection Technique ☆20 · Updated 2 months ago
- C++ Staged Shellcode Loader with Evasion capabilities. ☆65 · Updated last month
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆36 · Updated 8 months ago
- This script adds the ability to encode shellcode (.bin) in XOR, ChaCha20, AES. You can choose between 2 loaders (Myph / 221b) ☆77 · Updated 9 months ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke ☆74 · Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe ☆51 · Updated 7 months ago
- Tool to start processes as SYSTEM using token duplication ☆37 · Updated 3 years ago
- Remotely Enumerate sessions using undocumented Windows Station APIs ☆68 · Updated 3 weeks ago
- Hunt for C2 servers and phishing web sites using VirusTotal API; you can modify the code to kill the malicious process ☆63 · Updated 4 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section ☆95 · Updated last year
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit ☆34 · Updated last week
- Construct the payload at runtime using an array of offsets ☆59 · Updated 3 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆30 · Updated 10 months ago