99 matches found
Malicious code in weavedb-offchain (npm)
Source: amazon-inspector d267c34e35dca7091a9ab01d22a9c0a4cfde364531b8017f15f4a09785381198. package.json declares scripts.preinstall: "./.github/scripts/precheck", where precheck is a 976,568-byte stripped Linux ELF binary sha256...
COORG_EXECUTOR
🚀 COORG-EXECUTOR - Professional Roblox Script Executor for...
[SECURITY] Fedora 44 Update: gammaray-3.1.0-20.fc44
A tool to poke around in a Qt-application and also to manipulate the application to some extent. It uses various DLL injection techniques to hook into an application at run-time and provide access to a lot of interesting information. GammaRay can introspect Qt 6 and Qt 5 applications...
EUVD-2018-15462
Malware in sbrugna...
EUVD-2003-0635
Malware in sbrugna...
EUVD-2018-17979
Malware in sbrugna...
Kernel-Bridge
This repository is an offensive tool for Windows kernel hacking. It is a Windows kernel hacking framework, driver template, hypervisor, and API written in C++. The primary function of this framework is to provide a set of tools for kernel-mode code injection, hooking, and manipulation. The...
Exploit for Improper Initialization in Linux Linux_Kernel
This is a PoC exploit for the Dirty Pipe vulnerability CVE-2022-0847 on Android, specifically targeting Pixel 6 devices with a security patch level from 2022-02-05 to 2022-04-05. The exploit is designed to overwrite readable files and cannot overwrite the first byte of each 4096-byte page. I...
Secure Development of a Hooking-Based Deception Framework against Keylogging Techniques
Keyloggers remain a serious threat in modern cybersecurity, silently capturing user keystrokes to steal credentials and sensitive information. Traditional defenses focus mainly on detection and removal, which can halt malicious activity but do little to engage or mislead adversaries. In this pape...
CPUID CPU-Z Security Vulnerability
CPUID CPU-Z is a system hardware information detection tool from CPUID. A security vulnerability exists in CPUID CPU-Z version 1.0.5.4, which stems from unverified parameters that allow modification of MSR LSTAR and hooking of KiSystemCall64...
nodejs: Node.js Worker Thread Exposure via Diagnostics Channel
A flaw was found in the Node.js diagnostics_channel. This vulnerability allows an attacker to reinstate and misuse worker constructors, potentially bypassing the Permission Model by hooking into events when a worker thread is created...
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooked whenever a worker thread is created. This is not limited to user workers but also exposes internal workers, where an instance of them can be fetched and its constructor grabbed and reinstated for malicious usage...
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!
A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Bobby Cooke (@0xBoku), project original author and maintainer; Santiago Pecin (@s4ntiago...
NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)
NativeDump allows dumping the lsass process using only NTAPIs, generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List streams). NtOpenProcessToken and NtAdjustPrivilegeToken to get the "SeDebugPrivilege"...
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training
CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response (EDR). By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly. Default Cmd: Windows Event Logs...
BestEdrOfTheMarket - Little AV/EDR Bypassing Lab For Training And Learning Purposes
Little AV/EDR Evasion Lab for training & learning purposes. Under construction...
Blackbone - Windows Memory Hacking Library
Windows memory hacking library. Features: x86 and x64 support; process interaction (manage PEB32/PEB64, manage process through WOW64 barrier); process memory (allocate and free virtual memory, change memory protection, read/write virtual memory); process modules (enumerate all 32/64 bit modules loaded...
Exploit for NULL Pointer Dereference in Linux Linux_Kernel
DECPwn: Practicing different Linux kernel exploitation techniqu...
C2-Hunter - Extract C2 Traffic
C2-Hunter is a program designed for malware analysts to extract Command and Control (C2) traffic from malware in real time. The program uses a unique approach by hooking into Win32 connection APIs. With C2-Hunter, malware analysts can now intercept and analyze communication in real time...