vineetgaurav / WIN_JELLYLinks
Windows GPU rootkit PoC by Team Jellyfish
☆37Updated 10 years ago
Alternatives and similar repositories for WIN_JELLY
Users that are interested in WIN_JELLY are comparing it to the libraries listed below
Sorting:
- NT AUTHORITY\SYSTEM☆42Updated 5 years ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware☆56Updated 2 months ago
- ☆31Updated 5 years ago
- A small library helping to parse commandline parameters (for C/C++)☆58Updated 5 months ago
- ☆16Updated 4 years ago
- ☆36Updated 3 years ago
- Remote PE reflective injection with a simple reflective loader☆32Updated 6 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆41Updated 5 years ago
- ☆37Updated 6 years ago
- Clone running process with ZwCreateProcess☆58Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 3 years ago
- ☆22Updated 5 years ago
- Neutralize KEPServerEX anti-debugging techniques☆32Updated 2 years ago
- Process Hollowing demonstration & explanation☆34Updated 4 years ago
- Sysmon shenanigans☆66Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆22Updated 7 years ago
- Rite Of Passage ROP Injector☆34Updated 6 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Updated 3 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 5 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆44Updated 3 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆114Updated 4 years ago
- Windows Injection 101: from Zero to ROP (HITCON 2017)☆28Updated 8 years ago
- Example for PagedOut!☆25Updated 6 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Updated 4 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆29Updated 4 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆69Updated 6 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 5 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆74Updated 4 years ago
- ☆24Updated 4 years ago
- ☆64Updated 2 years ago