• Stars: 383
  • Rank 111,995 (Top 3 %)
  • Language: C++
  • Created 10 months ago
  • Updated 10 months ago


Repository Details

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

More Repositories

1. TrickBot-Toolkit
   A collection of tools for dealing with TrickBot
   Python, 198 stars

2. EDRception
   A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
   C++, 161 stars

3. ZombifyProcess
   Inject code into a legitimate process
   C++, 141 stars

4. TinyXPB
   Windows XP 32-Bit Bootkit
   C, 139 stars

5. CreateDesktop
   Example application for creating multiple desktops on Windows
   C++, 130 stars

6. AppContainerSandbox
   An example sandbox using AppContainer (Windows 8+)
   C++, 129 stars

7. FakeMBR
   TDL4 style rootkit to spoof read/write requests to the master boot record
   C++, 126 stars

8. CitrixHoneypot
   Detect and log CVE-2019-19781 scan and exploitation attempts.
   HTML, 113 stars

9. Log4jTools
   Tools for investigating Log4j CVE-2021-44228
   Python, 95 stars

10. BasicHook
    x86 inline hooking engine (using trampolines)
    C, 91 stars

11. HiddenDesktop
    Create and enumerate hidden desktops.
    C, 86 stars

12. FstHook
    A library for intercepting native functions by hooking KiFastSystemCall
    C++, 72 stars

13. UACElevator
    Passive UAC elevation using DLL infection
    C++, 70 stars

14. RDGScanner
    A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.
    Python, 69 stars

15. Beginner-Reversing-Challenges
    https://www.malwaretech.com/beginner-malware-reversing-challenges
    53 stars

16. MSDIA-x64
    Enable Microsoft PDB support in Ghidra without installing Visual Studio
    Batchfile, 40 stars

17. SpookySSLTools
    Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)
    PowerShell, 39 stars

18. FollinaExtractor
    Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
    Python, 30 stars

19. SimpleEpollServer
    An example epoll implementation with C++11
    C++, 29 stars

20. PhaseHack
    Phase C&C Blind SQL Injection
    Python, 9 stars

21. NeutrinoBotHack
    SQL injection in Neutrino panel
    Python, 8 stars

22. PhaseDump
    Python tool for decrypting W32/Phase modules
    Python, 6 stars

23. CVE-2024-47176-Scanner
    A simple scanner for identifying vulnerable cups-browsed instances on your network
    Python, 5 stars