MalwareTech's repositories
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
TrickBot-Toolkit
A collection of tools for dealing with TrickBot
EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
ZombifyProcess
Inject code into a legitimate process
CreateDesktop
Example application for creating multiple desktops on Windows
AppContainerSandbox
An example sandbox using AppContainer (Windows 8+)
CitrixHoneypot
Detect and log CVE-2019-19781 scan and exploitation attempts.
Log4jTools
Tools for investigating Log4j CVE-2021-44228
HiddenDesktop
Create and enumerate hidden desktops.
UACElevator
Passive UAC elevation using DLL infection
RDGScanner
A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.
Beginner-Reversing-Challenges
https://www.malwaretech.com/beginner-malware-reversing-challenges
SpookySSLTools
Example tools for detecting software using OpenSSL 3.0.0 - 3.0.6 (vulnerable to latest unnamed vulnerability)
FollinaExtractor
Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
SimpleEpollServer
An example epoll implementation with C++11
NeutrinoBotHack
SQL injection in Neutrino panel