Lists (11)
Stars
ARM64 ELF Virtual Machine Protection System
Next Generation C2 Framework, IoM-server/client
Elfina is a multi-architecture ELF loader written in Rust, supporting x86 and x86-64 binaries.
Hooking Windows' exception dispatcher to protect process's PML4
Fumo Loader - All in one kernel-based DLL injector
create a um process that contains all physical memory
Windows hypervisor for Intel x64: defensive host hypervisor for Windows designed to mitigate kernel-level attacks including BYOVD, compatible with VMware and Hyper-V.
Stealthy Linux Kernel Rootkit for modern kernels (6x)
Resolve offsets, gadgets and symbols from NTKernel
A x64 Windows Rootkit using SSDT or Hypervisor hook
Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.
PIC shellcode (C/C++) development toolkit designed for malware developers.
A library for simulating keyboard and mouse input with drivers
Reflective shellcode loaderwith advanced call stack spoofing and .NET support.
Code execution/injection technique using DLL PEB module structure manipulation
Bypass Chromium's App-Bound Encryption via Direct Syscall-based Reflective Process Hollowing. Extract cookies, passwords, payment methods & tokens from Chrome, Edge, Brave & Avast - fileless, user-…
x86-x64 Packer with Portable Executable compatibility.
Dumps all of the Key/Value pairs from a LevelDB database
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including screenshots.
lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
A PowerShell console in C/C++ with all the security features disabled