MatthMoestl

MatthMoestl's Stars

• CCob/lsarelayx

  NTLM relaying for Windows made easy

  Language:C++53265

• reveng007/DarkWidow

  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing

  Language:C53175

• Leo4j/ShellGen

  PowerShell script to generate ShellCode in various formats

  Language:PowerShell339

• ZeroMemoryEx/Blackout

  kill anti-malware protected processes ( BYOVD) (Microsoft Won )

  Language:C++876134

• naksyn/DojoLoader

  Generic PE loader for fast prototyping evasion techniques

  Language:C17843

• knownsec/shellcodeloader

  shellcodeloader

  Language:C++1.7k371

• Chainski/PandaLoader

  A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.

  Language:C++336

• SaadAhla/D1rkLdr

  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscall instruction address resolving at run time

  Language:C++30059

• Konis-Bros/espio

  Shellcode obfuscation tool to avoid AV/EDR.

  Language:C++10413

• WithSecureLabs/CallStackSpoofer

  A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

  Language:C++41661

• xf555er/ShellcodeLoader

  This is my FirstRepository

  Language:C++29461

• LadybirdBrowser/ladybird

  Truly independent web browser

  Language:C++19.9k825

• accidentalrebel/shcode2exe

  Compile shellcode into an exe file from Windows or Linux.

  Language:Python5813

• HackOvert/AntiDBG

  A bunch of Windows anti-debugging tricks for x86 and x64.

  Language:C++75588

• odzhan/injection

  Windows process injection methods

  Language:C12520

• sailay1996/WerTrigger

  Weaponizing for privileged file writes bugs with windows problem reporting

  Language:C++20433

• MahmoudZohdy/Process-Injection-Techniques

  Various Process Injection Techniques

  Language:C++14120

• Cherno-x/MyShellcodeLoader

  免杀与恶意软件开发

  Language:C++19621

• notscimmy/libcapcom

  Capcom driver exploit wrapper

  Language:C12129

• notscimmy/pplib

  Elevate a process to be a protected process

  Language:C++14042

• VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls

  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

  Language:C15620

• ReversingID/Shellcode-Loader

  Open repository for learning dynamic shellcode loading (sample in many programming languages)

  Language:C++21141

• SaadAhla/Shellcode-Hide

  This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)

  Language:C++398100

• gatariee/ldrgen

  Template-based generation of shellcode loaders

  Language:C657

• gatariee/gocheck

  Because AV evasion should be easy.

  Language:Go30030

• Cracked5pider/LdrLibraryEx

  A small x64 library to load dll's into memory.

  Language:C42271

• Cracked5pider/Ekko

  Sleep Obfuscation

  Language:C66797

• oldboy21/SWAPPALA

  In-memory hiding technique

  Language:C425

• NUL0x4C/FetchPayloadFromDummyFile

  Construct the payload at runtime using an array of offsets

  Language:C575

• caueb/PPIDSpoofing-BlockNonMSDlls

  Spawn a process spoofing the parent process and restrict non-Microsoft dlls to inject into the process.

  Language:C2