Different methods to get current username without using whoami
Updated Feb 12, 2024 - C#
C# Malware that Steals Discord Tokens Directly From Memory and bypasses any kind of token protection
A builder for BatchStealer
This is a free & Open source File dropper that is made strictly for EdUcAtIoNaL pUrPoSeS of course
This tool backs up all downloaded files during the malware execution period and helps the dynamic malware analysis process.
Overwrite ntdll.dll's ".text" section to bypass API hooking. Getting the clean dll from disk, Knowndlls folder, a debugged process or a URL
GetProcAddress implementation in C# walking the PEB using only ReadProcessMemory
Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
PoC to self-delete a binary in C#
KeyLogger and ScreenShot maker as daemon
C# implementation of Guard Pages API Hooking
GetModuleHandle implementation in C# using only NtQueryInformationProcess by walking the PEB
SimpleRAT, a simple Windows RAT in C#, inspired by Xeno-RAT
Read, write and delete Alternate Data Streams (ADS) within NTFS, to hide malicious payloads
RArAtikTdkA is a modern, C#-based malware with great undetectable techniques
🔑 This C#-based stealer allows you to capture logs and send them directly to your Telegram bot.
Get process handle(s) from process name using NtGetNextProcess and GetProcessImageFileName
Stealthier alternative to whoami.exe in C#, it gets environment variables from PEB (PRTL_USER_PROCESS_PARAMETERS)
Read, write and delete Extended Attributes (EAs) within NTFS, to hide malicious payloads
Quite Fun Malware - Keylogger