ORCx41

Seeking Knowledge

lebanon

Pinned Repositories

ApiHashing
Replacing GetModuleHandle & GetProcAddress as a God
Language:C10415
AtomPePacker
A Highly capable Pe Packer
Language:C548 16 798
DeleteShadowCopies
Deleting Shadow Copies In Pure C++
Language:C++10121
EtwSessionHijacking
A Poc on blocking Procmon from monitoring network events
Language:C++9213
GP
using the gpu to hide your payload
Language:C235
HellShell
transform your payload into ipv4/ipv6/mac arrays
Language:C26 1 07
KnownDllUnhook
Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs
Language:C22431
NoRunPI
Run Your Payload Without Running Your Payload
Language:C16730
Syscallslib
a library that automates some clean syscalls to make it easier to implement
Language:C6617
TerraLdr
A Payload Loader Designed With Advanced Evasion Features
Language:C384 7 461

ORCx41's Repositories

ORCx41/AtomPePacker
A Highly capable Pe Packer
Language:C548 16 798
ORCx41/TerraLdr
A Payload Loader Designed With Advanced Evasion Features
Language:C384 7 461
ORCx41/KnownDllUnhook
Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs
Language:C22431
ORCx41/NoRunPI
Run Your Payload Without Running Your Payload
Language:C16730
ORCx41/ApiHashing
Replacing GetModuleHandle & GetProcAddress as a God
Language:C10415
ORCx41/DeleteShadowCopies
Deleting Shadow Copies In Pure C++
Language:C++10121
ORCx41/EtwSessionHijacking
A Poc on blocking Procmon from monitoring network events
Language:C++9213
ORCx41/Syscallslib
a library that automates some clean syscalls to make it easier to implement
Language:C6617
ORCx41/EntropyFix
reducing the entropy of your payload
Language:C55 1 07
ORCx41/W0wS3cur1tyEDR
a edr like program that hooks some syscalls
Language:C5010
ORCx41/Ultra
A Small Poc On An Encryption/Decryption Algorithm Used As A File Locker
Language:C467
ORCx41/ManualRsrcDataFetching
Get your data from the resource section manually, with no need for windows apis
Language:C4213
ORCx41/HellShell
transform your payload into ipv4/ipv6/mac arrays
Language:C26 1 07
ORCx41/D-R-Shellcode
download and run your payload from a url
Language:C236
ORCx41/GP
using the gpu to hide your payload
Language:C235
ORCx41/T.D.P.
Using Thread Description To Hide Shellcodes
Language:C++96
ORCx41/KctHijackLib
using the kct to run your shellcode the apt style
Language:C85
ORCx41/RecycleBinPersistence
using the Recycle Bin to insure persistence
Language:C82
ORCx41/SnapLoader
just me playing with c
Language:C8 2 04
ORCx41/PerunsFart
replace and unhook ntdll from a suspended process
Language:C52
ORCx41/ToasterLoader
just a stupid way to run a payload
Language:C++54
ORCx41/AsmLogger
asm keylogger that handles special characters and writes to a file
Language:Assembly42
ORCx41/openbsd
Source code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to tech@openbsd.org, instead of submitting pull requests, since this tree is often rebased.
Language:C11
ORCx41/EDRs
Language:C
ORCx41/Ekko
Sleep Obfuscation
1
ORCx41/FOLIAGE
Public variation of FOLIAGE ( original developer )
ORCx41/KaynLdr
KaynLdr is a Reflective Loader written in C/ASM
ORCx41/ORCx41
ORCx41/process_ghosting
Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file
ORCx41/VX-API
Collection of various malicious functionality to aid in malware development
Language:C++3