D1rkMtr
IORI_Loader
UUID shellcode loader with a dynamic indirect syscall implementation; the syscall number/instruction is resolved dynamically at runtime, and the syscall number/instruction is unhooked using Halosgate techn...
MasqueradingPEB
Masquerade as any legitimate Windows binary by changing some fields in the PEB structure
ObfLoader
MAC, IPv4, and UUID shellcode loaders and obfuscators that obfuscate the shellcode, use some native API to convert it to its binary format, and load it.
PatchThatAMSI
This repo contains 6 AMSI patches; both force the triggering of a conditional jump inside AmsiOpenSession() that closes the AMSI scanning session. The 1st patch by corrupting the Amsi context header...
ScreenShot
A C2 feature: screenshot capture. The output file is a PNG in the current directory named "screen.png".
SSN_Resolver
Dynamically resolves the System Service Number (syscall number) by offsets from the PEB, with API hashing
sysPPIDspoofing
Give me SeDebugPrivilege and I will become SYSTEM by spoofing a parent process running as NT AUTHORITY\SYSTEM
UUIDRegistryShellcode
Write and hide each UUID in the char* array of UUID shellcode in a registry key value location as REG_SZ (each location can differ from the others), then retrieve them and assemble them in UUID...
VirusTotalC2
Abusing the VirusTotal API to host our C2 traffic; useful for bypassing blocking firewall rules if VirusTotal is on the target's whitelist, and in case you don't have C2 infrastructure, now you have a f...