MalwareTech

Pinned Repositories

AppContainerSandbox
An example sandbox using AppContainer (Windows 8+)
Language:C++140 10 148
BasicHook
x86 Inline hooking engine (using trampolines)
Language:C98 10 336
CitrixHoneypot
Detect and log CVE-2019-19781 scan and exploitation attempts.
Language:HTML117 6 330
CreateDesktop
Example application for creating multiple desktops on Windows
Language:C++139 13 164
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Language:C++525 6 379
EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
Language:C++195 4 035
FakeMBR
TDL4 style rootkit to spoof read/write requests to master boot record
Language:C++131 12 273
TinyXPB
Windows XP 32-Bit Bootkit
Language:C146 17 268
TrickBot-Toolkit
A collection of tools for dealing with TrickBot
Language:Python202 15 137
ZombifyProcess
Inject code into a legitimate process
Language:C++145 13 155

MalwareTech's Repositories

MalwareTech/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
Language:C++525 6 379
MalwareTech/TrickBot-Toolkit
A collection of tools for dealing with TrickBot
Language:Python202 15 137
MalwareTech/EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
Language:C++195 4 035
MalwareTech/TinyXPB
Windows XP 32-Bit Bootkit
Language:C146 17 268
MalwareTech/ZombifyProcess
Inject code into a legitimate process
Language:C++145 13 155
MalwareTech/AppContainerSandbox
An example sandbox using AppContainer (Windows 8+)
Language:C++140 10 148
MalwareTech/CreateDesktop
Example application for creating multiple desktops on Windows
Language:C++139 13 164
MalwareTech/FakeMBR
TDL4 style rootkit to spoof read/write requests to master boot record
Language:C++131 12 273
MalwareTech/CitrixHoneypot
Detect and log CVE-2019-19781 scan and exploitation attempts.
Language:HTML117 6 330
MalwareTech/BasicHook
x86 Inline hooking engine (using trampolines)
Language:C98 10 336
MalwareTech/Log4jTools
Tools for investigating Log4j CVE-2021-44228
Language:Python94 6 312
MalwareTech/HiddenDesktop
Create and enumerate hidden desktops.
Language:C91 1 017
MalwareTech/UACElevator
Passive UAC elevation using dll infection
Language:C++75 12 144
MalwareTech/FstHook
A library for intercepting native functions by hooking KiFastSystemCall
Language:C++74 8 038
MalwareTech/RDGScanner
A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.
Language:Python69 7 131
MalwareTech/Beginner-Reversing-Challenges
https://www.malwaretech.com/beginner-malware-reversing-challenges
62 3 14
MalwareTech/CVE-2024-47176-Scanner
A simple scanner for identifying vulnerable cups-browsed instances on your network
Language:Python61 1 110
MalwareTech/SpookySSLTools
Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)
Language:PowerShell42 2 113
MalwareTech/MSDIA-x64
Enable Microsoft PDB support in Ghidra without installing Visual Studio
Language:Batchfile37 4 02
MalwareTech/FollinaExtractor
Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
Language:Python31 1 02
MalwareTech/SimpleEpollServer
An example epoll imlementation with C++11
Language:C++30 2 013
MalwareTech/PhaseHack
Phase C&C Blind SQL Injection
Language:Python9 4 110
MalwareTech/NeutrinoBotHack
SQL injection in Neutrino panel
Language:Python8 3 07
MalwareTech/PhaseDump
Python tool for decrypting W32/Phase modules
Language:Python6 3 05