vxunderground / VXUG-Papers
Research code & papers from members of vx-underground.
☆1,113Updated 2 years ago
Related projects: ⓘ
- Collection of various malicious functionality to aid in malware development☆1,424Updated 6 months ago
- Resources for Windows exploit development☆1,507Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,024Updated 2 years ago
- Malware samples, analysis exercises and other interesting resources.☆1,456Updated 8 months ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆1,998Updated last week
- Organized list of my malware development resources☆1,373Updated 2 years ago
- AV/EDR evasion via direct system calls.☆1,776Updated last year
- ☆1,980Updated last year
- A workshop about Malware Development☆1,513Updated last year
- Nidhogg is an all-in-one simple to use rootkit.☆1,717Updated 5 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,711Updated last year
- ☆1,005Updated 4 months ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,500Updated last year
- ☆1,457Updated 2 weeks ago
- Template-Driven AV/EDR Evasion Framework☆1,575Updated 10 months ago
- Open-Source Shellcode & PE Packer☆1,812Updated 7 months ago
- A not so awesome list of malware gems for aspiring malware analysts☆787Updated last year
- Some of my publicly available Malware analysis and Reverse engineering.☆748Updated 3 months ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆1,669Updated 2 months ago
- This map lists the essential techniques to bypass anti-virus and EDR☆2,296Updated 9 months ago
- Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.☆1,396Updated 2 years ago
- Identifies the bytes that Microsoft Defender flags on.☆2,260Updated last year
- A modern 64-bit position independent implant template☆999Updated 4 months ago
- A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assignments.☆716Updated 3 years ago
- A tool to kill antimalware protected processes☆1,370Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆3,502Updated last week
- LSASS memory dumper using direct system calls and API unhooking.☆1,469Updated 3 years ago
- Extract credentials from lsass remotely☆2,022Updated 2 months ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,393Updated 8 months ago