ulexec / SHELF-Loading

Related projects: ⓘ

• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆29Updated 4 years ago
• perturbed-platypus / LinooxMalware
  ☆26Updated 5 years ago
• X-C3LL / memdlopen-lib
  ☆12Updated last year
• dsnezhkov / exclave
  ☆15Updated 3 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• ioncodes / kdbg-driver-workstation
  ☆14Updated 2 years ago
• NtQuerySystemInformation / Malware-RE-papers
  Here are some of my malware reversing papers that I will be publishing
  ☆30Updated 2 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆27Updated 6 months ago
• dsnezhkov / elfpack
  ☆43Updated 2 years ago
• h0mbre / syscall
  ☆15Updated 4 years ago
• PinkNoize / shelf-loader-poc
  ☆12Updated 2 years ago
• rhotav / PT_LOAD-Injector
  An injector that use PT_LOAD technique
  ☆12Updated last year
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆26Updated last year
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆26Updated last year
• roddux / germy
  GERMY is a Linux Kernel n-day in the N_GSM line discipline
  ☆42Updated 3 months ago
• msuiche / smbaloo
  ☆49Updated 4 years ago
• hotnops / RemoteDebugView
  A DLL that serves OutputDebugString content over a TCP connection
  ☆33Updated 2 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆32Updated 4 years ago
• h311d1n3r / HellTracer
  A Linux x86/x86-64 tool to trace registers and memory regions.
  ☆34Updated 2 years ago
• elfmaster / scop_virus_paper
  ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
  ☆14Updated 5 years ago
• connormcgarr / Presentations
  ☆25Updated 9 months ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆51Updated 4 years ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆45Updated 5 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆27Updated last year
• interruptlabs / heimdallr-ida
  A IDA plugin to enable linking to locations in an IDB with a disas:// URI
  ☆32Updated 11 months ago
• nccgroup / ICPin
  An Integrity-Check Monitoring Pintool
  ☆56Updated 3 years ago
• peterwintersmith / crystalaep
  Crystal Anti-Exploit Protection 2012
  ☆35Updated 4 years ago
• vxunderground / Vx-Libraries
  ☆15Updated this week
• mgeeky / HEVD_Kernel_Exploit
  Exploits pack for the Windows Kernel mode driver HackSysExtremeVulnerableDriver written for educational purposes.
  ☆62Updated 2 years ago