KeyLogger and ScreenShot maker as daemon
-
Updated
Oct 18, 2023 - C#
KeyLogger and ScreenShot maker as daemon
SimpleRAT, a simple Windows RAT in C#, inspired by Xeno-RAT
C# implementation of Guard Pages API Hooking
🔑 This C#-based stealer allows you to capture logs and send them directly to your Telegram bot.
Get process handle(s) from process name using NtGetNextProcess and GetProcessImageFileName
Quite Fun Malware - Keylogger
Read, write and delete Alternate Data Streams (ADS) within NTFS, to hide malicious payloads
GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB
Stealthier alternative to whoami.exe in C#, it gets environment variables from PEB (PRTL_USER_PROCESS_PARAMETERS)
Read, write and delete Extended Attributes (EAs) within NTFS, to hide malicious payloads
GetProcAddress implementation in C# walking the PEB using only ReadProcessMemory
PoC to self-delete a binary in C#
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder, a debugged process or a URL
This tool backs up all downloaded files during the malware execution period and helps the dynamic malware analysis process.
RArAtikTdkA is a modern, c#-based malware with great undetectable techniques
Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
A builder for BatchStealer
This is a free & Open source File dropper that is made strictly for EdUcAtIoNaL pUrPoSeS of course
C# Malware that Steal Discord Token Directly From Memory and bypass any kind of token protection
Different methods to get current username without using whoami
Add a description, image, and links to the malware-development topic page so that developers can more easily learn about it.
To associate your repository with the malware-development topic, visit your repo's landing page and select "manage topics."