Compile-time string encryption and import obfuscation for Windows PE32(+) binaries
A stealthy PEB walker for x64 Windows. Demonstrates EDR evasion by manually parsing the PEB via assembly to resolve kernel32.dll base addresses. It bypasses IAT scanners and API hooks, and provides silent memory navigation with WinAPI calls.
Pure assembly red team framework for Win11 25H2. Position-independent code, runtime API hashing, polymorphic engine, indirect syscalls, C2 beacon. 18KB total. Educational COAL lab project.
Custom position-independent calc.exe shellcode using PEB walking, export table parsing, and modified djb2 hashing. Educational PoC.
A highly aggressive, Zero-IAT C++ anti-analysis engine featuring a custom VCPU. Designed to melt debuggers and protect indie projects from reverse engineering.
ChaCha20-Poly1305 encrypted reverse shell and process injector in pure x86_64 NASM assembly — Hell's Gate syscalls, zero dependencies
Add a description, image, and links to the peb-walking topic page so that developers can more easily learn about it.
To associate your repository with the peb-walking topic, visit your repo's landing page and select "manage topics."