peta909

Malware Researcher, always hoping to learn more and share knowledge with others.

Singapore

Pinned Repositories

Atom_bombing
Commented version of Atom_bombing injection technique. Original source code from https://blog.ensilo.com/atombombing-brand-new-code-injection-for-windows
Language:C++2 1 02
Carberp
Carberp Banking Trojan
Language:C++1 0 00
CreateProcess
A simple C++ app to demo the use of CreateProcess() ,WaitForSingleObject() and use of handles.
Language:C++3 1 00
DanSpecial
Weaponizing Gigabyte driver for priv escalation and bypass PPL
Language:C1 1 00
DrvMon
Advanced driver monitoring utility.
Language:C1 0 00
FileTest
Source code for File Test - Interactive File System Test Tool
Language:C++1 1 00
malware-source-nanomites
Language:Assembly1 1 00
NtCreateUserProcess_
Language:C12 3 24

peta909's Repositories

peta909/NtCreateUserProcess_
Language:C12 3 24
peta909/Atom_bombing
Commented version of Atom_bombing injection technique. Original source code from https://blog.ensilo.com/atombombing-brand-new-code-injection-for-windows
Language:C++2 1 02
peta909/Processing_listing_CreateToolhelp32Snapshot
Language:C++1 1 00
peta909/AndrewSpecial
AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.
Language:C++
peta909/Antimalware-Research
Research on Anti-malware and other related security solutions
Language:C1 0
peta909/aplib-ripper
Use this library to automatically extract PE files compressed with aplib from a binary blob.
Language:Python1 0
peta909/BMI_Calulator
BMI Calculator use to demo used of passed by reference.
Language:C++0 0
peta909/Class_OOP_CheatSheet
Language:C++1 0
peta909/emofishes
Emofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).
Language:C1 0
peta909/Files-Store
1 0
peta909/FindProcessUsingName
Language:C++1 0
peta909/fuckVmp3
fuck like title.
Language:Python1 0
peta909/HexRaysCodeXplorer
Hex-Rays Decompiler plugin for better code navigation
Language:C++1 0
peta909/injection-1
Windows process injection methods
Language:C1 0
peta909/ksm
A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
peta909/Mastering-Reverse-Engineering
Mastering Reverse Engineering, published by Packt
Language:C++0 0
peta909/Native_NtSuspendProcess
Use NtSuspendProcess to suspend process
Language:C++1 0
peta909/PE-Runtime-Data-Structures
1 0
peta909/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Language:C++1 0
peta909/Pointers_References
Language:C++1 0
peta909/Portable-Executable-PE-Format-Poster
A Portable Executable (PE) Format poster in A1 59,4 x 84,1 cm format, including almost all of the structures from PE/PE32+ format (with comments from WinNT.h header file).
peta909/Resonance
A C polymorphic and metamorphic engine
Language:C0 0
peta909/ScyllaHide
Advanced usermode anti-anti-debugger
Language:C++1 0
peta909/sgxrop
The code to the SGX-ROP paper
Language:C0 0
peta909/shellerate
A shellcode generator with encryption, encoding and polymorphism facilities built-in
Language:Python1 0
peta909/Wait4SingleObj_EX_QueueAPC
Language:C++
peta909/Win-LocalPriv-Escalation-polarbear
Windows Local Privilege Escalation - 0 Day Vulnerability (schtasks.exe) released by @SandboxEscaper :)
Language:C++1 0
peta909/windbg-scripts
A bunch of JavaScript extensions for WinDbg.
Language:JavaScript1 0
peta909/youtube-dl
Command-line program to download videos from YouTube.com and other video sites
Language:Python
peta909/zerokit
Language:C1 0