CTF framework and exploit development library
Updated Jun 15, 2024 - Python
A shell is a text-based terminal, used for manipulating programs and files. Shell scripts typically manage program execution.
Windows syscalls with a single line and a comfort wrapper. Comfort process module & export enumeration.
Python low-interaction honeyclient
TheBhTiNjector is a filebinder that can concatenate two or more files of some extensions that preserves the integrity of the files and gives you the option of injecting shellcode into them.
A C/C++ framework designed to simplify shellcode creation on any compiler and platform using C. Supports Windows & Linux, and practically any existing architecture.
R.I.P. MrAnon/MrAnonTools/MrAnon666. This is free release for all kids who got scammed/ghosted by gentleman mentioned above. Have fun! ^^
Akame is an open-source, UD shellcode loader written in C++17.
Shell / Bash Scripting World
PE malware training exercises
Here you can find basically most of the exercises I'm solving during my University journey. This repo will contain lots of folders inside of it, each one related to one subject. It won't be limited to one language.
This is a C++ library that can be used to access different information about processes on the Windows platform; it also provides you with the capability of executing 64-bit code in Wow64 processes.
Using C++23 compile-time magic to produce obfuscated PIC strings and arrays.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
Script to install programs on Linux
Cyber lab to explore different memory exploits and to analyze malware
RArAtikTdkA is a modern, C#-based malware with great undetectable techniques
SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
Auto startup remote control virus example for edu only
Scripts, POCs & more
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.