Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Updated Apr 23, 2025 - C++
Multilayered AV/EDR Evasion Framework
x64 Windows kernel driver mapper, inject unsigned driver using anycall
ARTist's core implementation meant to be included in the art project. Provides ARTist APIs and boilerplate code for modules.
PoC for detecting and dumping code injection (built and extended on UnRunPE)
Minimal example of how to create a custom DInput8.dll to hook into games and replace other API calls.
A lightweight C++ library designed for function interception within injected DLLs, providing a streamlined approach to modifying application behavior at runtime. Ideal for educational purposes, debugging, and dynamic software analysis.
Code Injection technique written in cpp language
Fork of android's official platform/art repo, with ARTist's branches and the ARTist submodule.
Injection of managed code into non-managed Windows applications
FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a target process, inject shellcode, and then seamlessly resume (thaw) it.
C++ Code Injector Class
A DLL Injection Detector for Windows
A Virus to encourage veganism and deter against eating meat.
Injection Technique: Inserts current process into target process
Enables .so library loading for SimCity 4 for Mac
APC Injection is a code injection technique which bypasses TLS callback protections (Windows OS)
MarGotAspect - An AspectC++ code generator for the mARGOt framework
A MANIAC module for library injection on Android.