@MalwareTech
github

MalwareTech

Twitter logo Share LinkedIn logo Share Facebook logo Share
  • Stars
    star
    2,217
  • Global Rank 13,800 (Top 0.5 %)
  • Followers 1,780
  • Registered over 10 years ago
  • Most used languages
    C++
         39.1 %
    Python
         34.8 %
    C
         13.0 %
    Batchfile     4.3 %
    HTML
         4.3 %
    PowerShell
         4.3 %

Top repositories

1

EDR-Preloader

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
C++
383
star
2

TrickBot-Toolkit

A collection of tools for dealing with TrickBot
Python
198
star
3

EDRception

A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
C++
161
star
4

ZombifyProcess

Inject code into a legitimate process
C++
141
star
5

TinyXPB

Windows XP 32-Bit Bootkit
C
139
star
6

CreateDesktop

Example application for creating multiple desktops on Windows
C++
130
star
7

AppContainerSandbox

An example sandbox using AppContainer (Windows 8+)
C++
129
star
8

FakeMBR

TDL4 style rootkit to spoof read/write requests to master boot record
C++
126
star
9

CitrixHoneypot

Detect and log CVE-2019-19781 scan and exploitation attempts.
HTML
113
star
10

Log4jTools

Tools for investigating Log4j CVE-2021-44228
Python
95
star
11

BasicHook

x86 Inline hooking engine (using trampolines)
C
91
star
12

HiddenDesktop

Create and enumerate hidden desktops.
C
86
star
13

FstHook

A library for intercepting native functions by hooking KiFastSystemCall
C++
72
star
14

UACElevator

Passive UAC elevation using dll infection
C++
70
star
15

RDGScanner

A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.
Python
69
star
16

Beginner-Reversing-Challenges

https://www.malwaretech.com/beginner-malware-reversing-challenges
53
star
17

MSDIA-x64

Enable Microsoft PDB support in Ghidra without installing Visual Studio
Batchfile
40
star
18

SpookySSLTools

Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)
PowerShell
39
star
19

FollinaExtractor

Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
Python
30
star
20

SimpleEpollServer

An example epoll imlementation with C++11
C++
29
star
21

PhaseHack

Phase C&C Blind SQL Injection
Python
9
star
22

NeutrinoBotHack

SQL injection in Neutrino panel
Python
8
star
23

PhaseDump

Python tool for decrypting W32/Phase modules
Python
6
star
24

CVE-2024-47176-Scanner

A simple scanner for identifying vulnerable cups-browsed instances on your network
Python
5
star