TakeMyRDP

A keystroke logger targeting Remote Desktop Protocol (RDP) related processes. It uses a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (such as in mstsc.exe and CredentialUIBroker.exe).

created at July 2, 2023, 5:25 p.m.

C++

4

181

37

GitHub
DocPlz

Documents Exfiltration project for fun and educational purposes

created at Oct. 2, 2023, 8:49 p.m.

C++

2

96

15

GitHub
D1rkLrd

Shellcode loader with indirect dynamic syscall implementation, shellcode in MAC format, API resolving from PEB, syscall call and syscall instruction address resolving at run time

created at Jan. 30, 2023, 9:01 p.m.

C++

4

150

27

GitHub
NTDLLReflection

Bypass userland EDR hooks by loading a reflective ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported APIs from the export table

created at Feb. 3, 2023, 5:12 p.m.

C++

5

174

22

GitHub
FilelessPELoader

Loads a remote AES-encrypted PE into memory, decrypts it and runs it

created at Feb. 8, 2023, 4:59 p.m.

C++

6

354

68

GitHub
UnhookingPatch

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

created at Feb. 8, 2023, 4:21 p.m.

C++

3

122

22

GitHub
GithubC2

GitHub as C2 demonstration, free API = free C2 infrastructure

created at Feb. 15, 2023, 12:50 a.m.

C++

1

83

18

GitHub
HeapCrypt

Encrypting the heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap

created at March 25, 2023, 5:19 a.m.

C++

4

137

25

GitHub
PE-Obfuscator

PE obfuscator with Evasion in mind

created at April 25, 2023, 4 a.m.

C

6

142

25

GitHub
StackCrypt

Create a new thread that suspends every thread and encrypts its stack, then goes to sleep, then decrypts the stacks and resumes the threads

created at April 26, 2023, 3:24 a.m.

C++

2

73

14

GitHub