MalwareTech/UACElevator

Stars
67
Rank 448,878 (Top 10 %)
Language
C++
Created over 9 years ago
Updated over 9 years ago

MalwareTech/UACElevator

MalwareTech

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Passive UAC elevation using dll infection

EDR-Preloader

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

TrickBot-Toolkit

A collection of tools for dealing with TrickBot

EDRception

A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.

ZombifyProcess

Inject code into a legitimate process

TinyXPB

Windows XP 32-Bit Bootkit

AppContainerSandbox

An example sandbox using AppContainer (Windows 8+)

CreateDesktop

Example application for creating multiple desktops on Windows

FakeMBR

TDL4 style rootkit to spoof read/write requests to master boot record

CitrixHoneypot

Detect and log CVE-2019-19781 scan and exploitation attempts.

Log4jTools

Tools for investigating Log4j CVE-2021-44228

BasicHook

x86 Inline hooking engine (using trampolines)

HiddenDesktop

Create and enumerate hidden desktops.

RDGScanner

A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.

FstHook

A library for intercepting native functions by hooking KiFastSystemCall

Beginner-Reversing-Challenges

https://www.malwaretech.com/beginner-malware-reversing-challenges

SpookySSLTools

Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)

MSDIA-x64

Enable Microsoft PDB support in Ghidra without installing Visual Studio

FollinaExtractor

Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files

SimpleEpollServer

An example epoll imlementation with C++11

NeutrinoBotHack

SQL injection in Neutrino panel

PhaseHack

Phase C&C Blind SQL Injection

PhaseDump

Python tool for decrypting W32/Phase modules