zeroSteiner / reflective-polymorphism
Reflective Polymorphism
☆104Updated 6 years ago
Related projects: ⓘ
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit☆99Updated 5 years ago
- A repository of some of my Windows 10 Device Guard Bypasses☆133Updated 7 years ago
- Another Repo of Malware. Enjoy. <3☆60Updated 5 years ago
- Some sample code from my Zero Nights 2017 presentation.☆62Updated 6 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆84Updated 9 years ago
- ☆52Updated this week
- ☆51Updated 7 years ago
- Shim database persistence (Fin7 TTP)☆35Updated 4 years ago
- ☆57Updated this week
- Supporting Files on my analysis of the malware designated hdroot.☆59Updated 7 years ago
- UAC 0Day all day!☆58Updated 7 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆147Updated 5 years ago
- fragments of dirty, and quick code. possible error checking or none.☆25Updated 7 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆49Updated 6 years ago
- Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…☆35Updated 7 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆98Updated 5 years ago
- Tool to make in memory man in the middle☆124Updated 5 years ago
- Portable utility to execute in memory a sequence of opcodes☆17Updated 8 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆115Updated 5 years ago
- Exploit code used for the HackSysExtremeVulnerableDriver.☆43Updated 6 years ago
- Use bitsadmin to maintain persistence and bypass Autoruns☆67Updated 7 years ago
- a program to detect reflective dll injection on a live machine☆72Updated 8 years ago
- UAC Bypass with mmc via alpc☆155Updated 5 years ago
- ☆75Updated this week
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆129Updated 10 years ago
- Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service☆84Updated 5 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆41Updated 3 years ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆94Updated 7 years ago