Pinned Repositories
2Simple-Dll-Injector
C# DLL injector written as simply as possible
Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality.
CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates the code cave technique
Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect them, and elevate them with token manipulation.
Heap-Injection
Example of a C# heap injector for x64 and x86 shellcode
Kernel-Process-Hollowing
Windows x64 kernel mode rootkit process hollowing POC.
MBR-Overwrite-with-custom-message
Overwrite the MBR and add your own custom message
Shellcodev
Shellcodev is a tool designed to help and automate the process of shellcode creation.
Watykanczyk
Remake of the well-known Watykańczyk virus in C#
ZwProcessHollowing
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption
XaFF-XaFF's Repositories
XaFF-XaFF/Cronos-Rootkit
Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect them, and elevate them with token manipulation.
XaFF-XaFF/Black-Angel-Rootkit
Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality.
XaFF-XaFF/CaveCarver
CaveCarver - PE backdooring tool which utilizes and automates the code cave technique
XaFF-XaFF/Kernel-Process-Hollowing
Windows x64 kernel mode rootkit process hollowing POC.
XaFF-XaFF/Shellcodev
Shellcodev is a tool designed to help and automate the process of shellcode creation.
XaFF-XaFF/ZwProcessHollowing
ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption
XaFF-XaFF/2Simple-Dll-Injector
C# DLL injector written as simply as possible
XaFF-XaFF/Watykanczyk
Remake of the well-known Watykańczyk virus in C#
XaFF-XaFF/Heap-Injection
Example of a C# heap injector for x64 and x86 shellcode
XaFF-XaFF/MBR-Overwrite-with-custom-message
Overwrite the MBR and add your own custom message
XaFF-XaFF/2Simple-Keylogger
Simple keylogger written in C#, ready for modification.
XaFF-XaFF/AMSI-Bypass
Rasta Mouse's AMSI patch, but with a function that makes it undetectable.
XaFF-XaFF/WinREPL
WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.
XaFF-XaFF/Assembler-MessageBox
x86 assembly code that shows a Windows MessageBox, kept as simple as possible.
XaFF-XaFF/Discord-Webhook-Cannon
Discord Webhook Cannon is a multithreaded, open-source Discord webhook flooder written in C#. It can be used to flood webhooks which are used in malware.
XaFF-XaFF/Win_Rootkit
A kernel-mode rootkit with remote control
XaFF-XaFF/totheroot
XaFF-XaFF/WinXRunPE
💉 Two C# RunPEs capable of x86 and x64 injection 💉
XaFF-XaFF/web_markup
XaFF-XaFF/XaFF-XaFF