This is your work, valued

NULL

Elite
@NUL0x4C

Windows Malware Researcher | co-founder of maldevacademy.com

KnownDllUnhook. Replace the .txt section of the current loaded modules from \KnownDlls\

307

HellShell. transform your payload into ipv4/ipv6/mac arrays

256

DeleteShadowCopies. Deleting Shadow Copies In Pure C++

118

EtwSessionHijacking. A Poc on blocking Procmon from monitoring network events

112

ManualRsrcDataFetching. Get your data from the resource section manually, with no need for windows apis

67

GP. using the gpu to hide your payload

63

HookingLsassForCredentials. Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials

61

Intel.AES-NI. Intel.AES-NI: Leveraging Intel AES-NI for AES-128 & AES-256 Encryption Modes

26

IOCTL_VOLSNAP_DELETE_SNAPSHOT. Querying And Deleting Shadow Copies Using The IOCTL_VOLSNAP_QUERY_NAMES_OF_SNAPSHOTS & IOCTL_VOLSNAP_DELETE_SNAPSHOT IOCTLs

22

MasmAES256CBC. Implementing AES 256 CBC in AES-NI - MASM Format

20

EDRs. C

11

AsmLogger. asm keylogger that handles special characters and writes to a file

10

libsodium. A modern, portable, easy to use crypto library.

4

PSBits. Simple (relatively) things allowing you to dig a bit deeper than usual.

4

FOLIAGE. Public variation of FOLIAGE ( original developer )

3

openbsd. Source code pulled from OpenBSD for LibreSSL - this includes most of the library and supporting code. The place to contribute to this code is via the OpenBSD CVS tree. Please mail patches to tech@openbsd.org, instead of submitting pull requests, since this tree is often rebased.

1

KaynLdr. KaynLdr is a Reflective Loader written in C/ASM

1

VX-API. Collection of various malicious functionality to aid in malware development

1

NUL0x4C.

1