cr-0w

cr-0w's Stars

• kokke/tiny-AES-c

  Small portable AES128/192/256 in C

  Language:C4.3k1.3k

• chvancooten/maldev-for-dummies

  A workshop about Malware Development

  Language:Nim1.6k188

• trickster0/TartarusGate

  TartarusGate, Bypassing EDRs

  Language:C54865

• SerenityOS/serenity

  The Serenity Operating System 🐞

  Language:C++30.9k3.2k

• klezVirus/SysWhispers3

  SysWhispers on Steroids - AV/EDR evasion via direct system calls.

  Language:Python1.3k171

• peppidesu/xorciph

  Language:Rust3

• stephenfewer/ReflectiveDLLInjection

  Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

  Language:C2.8k782

• SaadAhla/HeapCrypt

  Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap

  Language:C++24044

• boku7/injectAmsiBypass

  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.

  Language:C37768

• boku7/BokuLoader

  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!

  Language:C1.3k244

• longld/peda

  PEDA - Python Exploit Development Assistance for GDB

  Language:Python5.9k809

• SpecterOps/SharpHound

  C# Data Collector for BloodHound

  Language:C#790179

• SpecterOps/AzureHound

  Azure Data Exporter for BloodHound

  Language:Go58382

• SpecterOps/BloodHound-Legacy

  Six Degrees of Domain Admin

  Language:PowerShell10k1.7k

• capt-meelo/KernelCallbackTable-Injection

  Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html

  Language:C10527

• am0nsec/HellsGate

  Original C Implementation of the Hell's Gate VX Technique

  Language:C973120

• matterpreter/DefenderCheck

  Identifies the bytes that Microsoft Defender flags on.

  Language:C#2.4k410

• rasta-mouse/ThreatCheck

  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

  Language:C#1.1k127

• x64dbg/x64dbg

  An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

  Language:C++45.1k2.5k

• capt-meelo/laZzzy

  laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.

  Language:C++46470

• n00bk1t/n00bk1t

  Language:C5520

• m0n0ph1/Process-Hollowing

  Great explanation of Process Hollowing (a Technique often used in Malware)

  Language:C++1.3k221

• OneLoneCoder/CommandLineFPS

  A First Person Shooter at the command line? Yup...

  Language:C++607172

• OneLoneCoder/synth

  The latest code to make your own virtual sound synthesizer in Windows. Please see the videos associated with this code. Links in the source files.

  Language:C++367129

• jthuraisamy/SysWhispers2

  AV/EDR evasion via direct system calls.

  Language:Assembly1.6k234

• redcanaryco/invoke-atomicredteam

  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.

  Language:PowerShell863201

• yashmundra/Shellcode-Encryption

  Encrypting shellcode to Bypass AV

  Language:Python7125

• houjingyi233/dll-injection-by-CreateRemoteThread

  Language:C++97

• mantvydasb/RedTeaming-Tactics-and-Techniques

  Red Teaming Tactics and Techniques

  Language:PowerShell4.1k1.1k

• monoxgas/sRDI

  Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

  Language:PowerShell2.2k464