An open API service indexing awesome lists of open source software.

Projects in Awesome Lists by cocomelonc

A curated list of projects in awesome lists by cocomelonc.

https://github.com/cocomelonc/peekaboo

Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.

aes cpp cryptography encryption injection injector malware-development obfuscation pe-files shellcode xor

Last synced: 12 Apr 2025

https://github.com/cocomelonc/meow

Cybersecurity research results. Simple C/C++ and Python implementations

cryptography cybersecurity hacking malware malware-analysis malware-research mathematics maths research

Last synced: 04 Apr 2025

https://github.com/cocomelonc/ejpt

some eJPT exam preparation notes

ejpt ethicalhacking hacking pentest pentesting

Last synced: 21 Apr 2025

https://github.com/cocomelonc/cocomelonc.github.io

Cybersecurity blog. Red Team, pentest, malware analysis and dev

cybersecurity

Last synced: 07 Apr 2025

https://github.com/cocomelonc/bsprishtina-2024-maldev-workshop

BSides Prishtina 2024 Malware Development and Persistence workshop

Last synced: 09 Apr 2025

https://github.com/cocomelonc/2022-06-05-malware-av-evasion-7

Malware AV evasion via disabling Windows Defender (Registry). C++

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-04-02-malware-injection-18

Find kernel32 base and API addresses. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/hack-process-hacker2

Proof of Concept example for abusing Process Hacker 2 (v2.39.124)

Last synced: 23 Feb 2025

https://github.com/cocomelonc/offzone-2024-malware-persistence-workshop

OFFZONE 2024 Malware Persistence workshop

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-07-21-malware-tricks-22

Run payload like a Lazarus Group (UuidFromStringA). C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-01-14-malware-injection-13

Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-01-24-malware-injection-15

Process injection via KernelCallbackTable

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-06-27-malware-injection-20

Run shellcode via EnumDesktopsA. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-05-02-malware-pers-3

Malware persistence via COM DLL hijacking. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-04-09-av-evasion-1-

AV engines evasion for C++ simple malware part 1 source code

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-09-06-malware-tricks-23

Malware dev tricks: parent PID spoofing. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-04-20-malware-pers-1

Malware development: persistence - part 1: startup folder registry keys. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-01-17-malware-injection-14

Code injection via memory sections (Zw) and ZwQueueApcThread. C++ malware example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-07-13-malware-injection-21

Malware dev. Run shellcode via EnumChildWindows. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-10-28-token-theft-2

APT techniques: Token theft via UpdateProcThreadAttribute. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-04-13-malware-injection-19

Classic DLL injection. Download dll from url and inject. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-09-10-malware-pers-10

Malware dev persistence part 10: via Image File Execution Options. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-03-18-malware-av-evasion-4

AV evasions part 4. Trick with hide API calls via ordinals. Simple C++ example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-04-26-malware-pers-2

Windows persistence via screensavers. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-08-16-malware-av-evasion-9

Malware AV evasion via RC4 encrypt. C++ example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-03-22-malware-av-evasion-5

AV evasion part 5. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2023-06-09-syscalls-2

Malware dev tricks - part 33. Syscalls part 2. Simple C++ PoC example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-06-07-syscalls-1

Malware dev tricks. Syscalls part 1. Simple C example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-06-04-malware-tricks-31

Malware dev trick part 31. Simple C++ PoC

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-30-windows-shellcoding-2

Find kernel32.dll base address via ASM

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2022-08-26-malware-pers-9

Malware persistence via change default file association. C++ malware example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-05-09-malware-pers-4

Malware development persistence part 4. Simple C++ example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-09-19-injection-1

C++ classic code injection example. Source code of my post

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-07-29-malware-av-evasion-8

Malware AV evasion trick: payload encoding via Z85 algorithm. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-06-19-malware-pers-8

Malware persistence via Port Monitors. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-06-12-malware-pers-7

Malware persistent trick. Winlogon registry keys. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-12-11-malware-injection-11

Code injection via NtOpenProcess and NtAllocateVirtualMemory

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-10-21-malware-pers-16

Malware development persistence: part 16. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-09-11-reverse-shells

Source code of my post about reverse shells

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-11-05-malware-analysis-6

Malware analysis part 6. Shannon entropy

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-09-25-token-theft-1

Windows access token manipulation. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-09-15-malware-av-evasion-10

Malware AV/VM evasion: anti-debugging. NtGlobalFlag. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-10-04-malware-pers-13

Malware development: persistence - part 13. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-03-14-malware-injection-17

Simple payload injection logic via FindWindow. Classic process injection impl C++

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-04-09-malware-av-evasion-6

AV/VM evasion techniques part 6. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-05-29-malware-pers-6

Malware persistence part 6. Via Netsh helper DLL. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-03-08-basic-hooking-2

Basic API hooking via push/retn method. Simple C++ example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-05-16-malware-pers-5

Malware dev: persistence - part 5. AppInitDLLs. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2023-05-22-malware-tricks-29

Malware dev tricks: part 29. Fileless storage - Registry. C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-05-26-malware-tricks-30

Malware dev tricks: part 30. Find pid NtGetNextProcess. Simple C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-12-21-simple-malware-av-evasion-3

AV evasion techniques - part 3. Simple C++ malware

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-09-linux-shellcoding-1

Linux shellcoding tutorial with examples

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-12-dll-hijacking-2

DLL hijacking with exported functions

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-12-07-malware-injection-10

Code injection via undocumented NtAllocateVirtualMemory

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-24-malware-injection-7

Classic DLL injection via SetWindowsHookEx. Simple C++ example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-26-malware-injection-8

Code injection via Windows Fibers. Simple C++ example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-09-24-injection-2

Classic DLL injection to remote process. C++ source code

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-05-11-malware-tricks-28

Malware dev tricks: part 28. C++ example (PoC)

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2022-10-09-malware-pers-14

Malware dev - persistence part 14. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-12-21-malware-tricks-25

Malware development tricks part 25. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-02-23-malware-analysis-4

Malware analysis part 4. Simple python script to upload file to VirusTotal and get info about result of analysis

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2023-01-20-malware-pers-21

Malware persistence via CLSID extension handling. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-11-27-malware-tricks-24

Malware dev tricks: part 24. ListPlanting. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-11-02-malware-pers-18

Malware persistence part 18. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-09-20-malware-pers-11

Malware persistence part 11. Powershell profile. C++ implementation example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-10-12-malware-pers-15

Malware persistence part 15: IE. C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-02-01-malware-injection-16

Process injection via hunting RWX memory. C++ malware

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-11-16-malware-pers-19

Malware persistence part 19. Simple C++ implementation

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-09-15-rev-c-1

simple C++ windows reverse shell with AES encryption (command) example

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-12-06-malware-injection-9

DLL injection to another process via undocumented NtCreateThreadEx

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2022-02-15-malware-analysis-3

Threat hunting with YARA. Simple malware example and YARA rule. C++

Last synced: 21 Apr 2025

https://github.com/cocomelonc/meoware

Ransomware simulation PoC for different cryptographic algorithms

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2021-09-29-processfind-1

C++ simple injector with findMyProc function which finds a process by name and injects a DLL into it

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2023-01-27-malware-analysis-7

Malware analysis part 7. YARA rule for CRC32 hash. Simple implementation of part of the REvil ransomware's logic

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-11-malware-injection-3

APC code injection technique example. C++

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-09-06-av-evasion-2

AV engines evasion for C++ simple malware part 2

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-22-malware-injection-5

APC injection via Queue an APC into all the threads

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-12-13-malware-injection-12

Code injection via utilizing sections for malicious code execution

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-08-malware-analysis-2

NASM tutorial. Malware analysis part 2

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-09-24-dllhijack

Source code of DLL hijacking in windows. Proof of Concept. Simple C example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-30-basic-hooking-1

Classic 5-byte hook example. C++

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2022-09-30-malware-pers-12

Malware persistence - part 12. via Accessibility Features. C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-04-16-malware-av-evasion-16

AV/VM evasion part 16. C++ example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-20-injection-4

APC injection via undocumented NtTestAlert

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-26-windows-shellcoding-1

Windows shellcoding part 1. Simplest examples in C/C++

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-02-20-malware-av-evasion-12

Malware AV evasion - part 12. encrypt payload with TEA. C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2022-02-07-mem-forensics-1

Basic memory forensics with Volatility 3. Simple example - classic process injection

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-03-malware-analysis-1

Introduction to malware analysis. Begin x86 assembly lang crash course with examples.

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-17-linux-shellcoding-2

Linux shellcoding part 2: Reverse TCP shell

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-12-03-inline-asm-1

Run shellcode via inline ASM. C++ example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-11-23-malware-injection-6

Code injection via thread hijacking. C++ malware example

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-02-10-malware-analysis-8

Malware analysis - part 8: MurmurHash2. C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2023-02-13-malware-av-evasion-11

Malware AV evasion part 11. DES encryption. C++ implementation.

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2021-10-20-buffer-overflow-1

Classic stack buffer overflow exploitation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/2022-12-09-malware-pers-20

Persistence via UserInitMprLogonScript key value. Simple C++ implementation

Last synced: 11 Apr 2025

https://github.com/cocomelonc/nrzctf-writeups

My own writeups for https://nrzctf.kz

Last synced: 21 Apr 2025

https://github.com/cocomelonc/2023-01-04-malware-tricks-26

Malware dev tricks: part 26. Mutexes. C++ implementation

Last synced: 15 Apr 2025