MatthMoestl's Stars
CCob/lsarelayx
NTLM relaying for Windows made easy
reveng007/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
Leo4j/ShellGen
PowerShell script to generate ShellCode in various formats
ZeroMemoryEx/Blackout
Kill anti-malware protected processes (BYOVD) (Microsoft Won)
naksyn/DojoLoader
Generic PE loader for fast prototyping evasion techniques
knownsec/shellcodeloader
shellcodeloader
Chainski/PandaLoader
A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
SaadAhla/D1rkLdr
Shellcode Loader with Indirect Dynamic syscall Implementation, shellcode in MAC format, API resolving from PEB, Syscall call and syscall instruction address resolving at run time
Konis-Bros/espio
Shellcode obfuscation tool to avoid AV/EDR.
WithSecureLabs/CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
xf555er/ShellcodeLoader
This is my FirstRepository
LadybirdBrowser/ladybird
Truly independent web browser
accidentalrebel/shcode2exe
Compile shellcode into an exe file from Windows or Linux.
HackOvert/AntiDBG
A bunch of Windows anti-debugging tricks for x86 and x64.
odzhan/injection
Windows process injection methods
sailay1996/WerTrigger
Weaponizing privileged file write bugs with Windows problem reporting
MahmoudZohdy/Process-Injection-Techniques
Various Process Injection Techniques
Cherno-x/MyShellcodeLoader
AV evasion and malware development
notscimmy/libcapcom
Capcom driver exploit wrapper
notscimmy/pplib
Elevate a process to be a protected process
VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
ReversingID/Shellcode-Loader
Open repository for learning dynamic shellcode loading (sample in many programming languages)
SaadAhla/Shellcode-Hide
This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)
gatariee/ldrgen
Template-based generation of shellcode loaders
gatariee/gocheck
Because AV evasion should be easy.
Cracked5pider/LdrLibraryEx
A small x64 library to load DLLs into memory.
Cracked5pider/Ekko
Sleep Obfuscation
oldboy21/SWAPPALA
In-memory hiding technique
NUL0x4C/FetchPayloadFromDummyFile
Construct the payload at runtime using an array of offsets
caueb/PPIDSpoofing-BlockNonMSDlls
Spawn a process spoofing the parent process and restrict non-Microsoft DLLs from injecting into the process.