zeroSteiner / reflective-polymorphism

Related projects: ⓘ

• blacknbunny / peanalyzer
  Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit
  ☆99Updated 5 years ago
• tyranid / DeviceGuardBypasses
  A repository of some of my Windows 10 Device Guard Bypasses
  ☆133Updated 7 years ago
• REal0day / MaliciousPark
  Another Repo of Malware. Enjoy. <3
  ☆60Updated 5 years ago
• tyranid / ZeroNights2017
  Some sample code from my Zero Nights 2017 presentation.
  ☆62Updated 6 years ago
• tyranid / ExploitDotNetDCOM
  A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.
  ☆84Updated 9 years ago
• caseysmithrc / memMITM
  ☆52Updated this week
• MortenSchenk / Token-Stealing-Shellcode
  ☆51Updated 7 years ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆35Updated 4 years ago
• Cisco-Talos / dotNET_WinDBG
  ☆57Updated this week
• williamshowalter / hdroot-bootkit-analysis
  Supporting Files on my analysis of the malware designated hdroot.
  ☆59Updated 7 years ago
• FSecureLABS / defcon25_uac_workshop
  UAC 0Day all day!
  ☆58Updated 7 years ago
• ustayready / CasperStager
  PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
  ☆147Updated 5 years ago
• r41p41 / snippets
  fragments of dirty, and quick code. possible error checking or none.
  ☆25Updated 7 years ago
• vallejocc / PoC-Inject-Data-WM_COPYDATA
  A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext
  ☆49Updated 6 years ago
• ycscaly / Privilege-Escalation-Framework
  Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…
  ☆35Updated 7 years ago
• SafeBreach-Labs / BITSInject
  A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…
  ☆98Updated 5 years ago
• AMOSSYS / MemITM
  Tool to make in memory man in the middle
  ☆124Updated 5 years ago
• kost / scexec
  Portable utility to execute in memory a sequence of opcodes
  ☆17Updated 8 years ago
• Arno0x / TCPRelayInjecter
  Tool for injecting a "TCP Relay" managed assembly into unmanaged processes
  ☆115Updated 5 years ago
• abatchy17 / HEVD-Exploits
  Exploit code used for the HackSysExtremeVulnerableDriver.
  ☆43Updated 6 years ago
• 3gstudent / bitsadminexec
  Use bitsadmin to maintain persistence and bypass Autoruns
  ☆67Updated 7 years ago
• papadp / reflective-injection-detection
  a program to detect reflective dll injection on a live machine
  ☆72Updated 8 years ago
• DimopoulosElias / alpc-mmc-uac-bypass
  UAC Bypass with mmc via alpc
  ☆155Updated 5 years ago
• shahriyarj / sysret
  ☆75Updated this week
• secretsquirrel / recomposer
  Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
  ☆129Updated 10 years ago
• hacksysteam / WpadEscape
  Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service
  ☆84Updated 5 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆41Updated 3 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆176Updated 5 years ago
• nccgroup / CVE-2017-8759
  NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements
  ☆94Updated 7 years ago