Maldev Academy

All

21 repositories

DumpBrowserSecrets
Public
Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bookmarks from modern Chr…
firefox chrome opera vivaldi msedge credential-harvesting
C
•
MIT License
•82•569•0•0•Updated Feb 14, 2026Feb 14, 2026
GitLabDeviceCodePhishing
Public
A tool to easily perform GitLab Device Code Phishing on red team engagements
Python
•
MIT License
•3•46•0•0•Updated Feb 9, 2026Feb 9, 2026
GitHubDeviceCodePhishing
Public
A tool to easily perform GitHub Device Code Phishing on red team engagements
Python
•
MIT License
•11•85•0•0•Updated Feb 9, 2026Feb 9, 2026
PrefetchFileParser
Public
A lightweight Windows Prefetch file parser to extract programs' execution history
C
•
MIT License
•8•66•0•0•Updated Jan 12, 2026Jan 12, 2026
DumpChromeSecrets
Public archive
Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and bookmarks
chrome credential-harvesting
C
•
MIT License
•78•548•0•0•Updated Jan 8, 2026Jan 8, 2026
GhostlyHollowingViaTamperedSyscalls2
Public
Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection
C
•
MIT License
•14•71•0•0•Updated Dec 26, 2025Dec 26, 2025
ElectronVulnScanner
Public
Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.
electron scanner injection asar
C
•
MIT License
•11•152•0•0•Updated Nov 28, 2025Nov 28, 2025
MaldevAcademyLdr.2
Public
RunPE implementation with multiple evasive techniques (2)
mimikatz runpe edr-evasion
C
•
MIT License
•36•273•0•0•Updated Sep 25, 2025Sep 25, 2025
TrapFlagForSyscalling
Public
Bypass user-land hooks by syscall tampering via the Trap Flag
C
•
MIT License
•21•139•0•0•Updated Aug 25, 2025Aug 25, 2025
AlphabeticalPolyShellGen
Public
Generate an Alphabetical Polymorphic Shellcode
C
•
MIT License
•25•138•0•0•Updated Aug 19, 2025Aug 19, 2025
Alphabetfuscation
Public
Convert your shellcode into an ASCII string
C
•
MIT License
•29•128•0•0•Updated Jun 27, 2025Jun 27, 2025
HookingLsassForCredentials
Public
Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
C
•
MIT License
•18•54•0•0•Updated May 12, 2025May 12, 2025
LsassHijackingViaReg
Public
Injecting DLL into LSASS at boot
C
•
GNU General Public License v3.0
•36•157•0•0•Updated Apr 29, 2025Apr 29, 2025
ExecutePeFromPngViaLNK
Public
Extract and execute a PE embedded within a PNG file using an LNK file.
Python
•
MIT License
•77•466•1•2•Updated Nov 2, 2024Nov 2, 2024
EmbedPayloadInPng
Public
Embed a payload inside a PNG file
C
•
MIT License
•55•370•0•0•Updated Oct 24, 2024Oct 24, 2024
DRMBinViaOrdinalImports
Public
Create Anti-Copy DRM Malware
drm anti-reversing anti-analysis
C
•
MIT License
•14•72•0•0•Updated Aug 19, 2024Aug 19, 2024
CodeSearchDemo
Public
Demo showcasing Maldev Academy’s code search database
C
•
MIT License
•5•41•0•0•Updated Feb 20, 2024Feb 20, 2024
RemoteTLSCallbackInjection
Public
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
C
•
MIT License
•48•287•1•0•Updated Jan 21, 2024Jan 21, 2024
Christmas
Public
PoC demonstrating a multi process injection chain aimed at remotely executing shellcode
C
•
MIT License
•35•260•1•0•Updated Jan 21, 2024Jan 21, 2024
MaldevAcademyLdr.1
Public
RunPE implementation with multiple evasive techniques (1)
C
•
MIT License
•50•382•0•0•Updated Sep 22, 2023Sep 22, 2023
HellHall
Public
Performing Indirect Clean Syscalls
syscalls edrs
C
•79•605•1•1•Updated Apr 19, 2023Apr 19, 2023