#

fileless-malware

Here are 24 public repositories matching this topic...

RuoJi6 / xxl-job-FLM

xxl-job内存马

xxl-job attck fileless-malware memory-resident-malware

Updated Jan 26, 2025
Java

iss4cf0ng / DuplexSpyCS

An open-source, C#-based remote administration tool (RAT), enabling complete control of a remote Windows machine, designed for legitimate remote administration and security testing of Windows systems.

Updated Apr 9, 2026
C#

iss4cf0ng / IronPE

IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files.

windows rust x64 executable poc x86 pe-loader pe-file fileless windows-rust fileless-malware rust-loader

Updated Mar 10, 2026
Rust

ELMERIKH / PyinMemoryPE

execute PE in memory Filelessly

pe-loader redteam-tools pe-injection fileless-attack evade-av redteaming-tools fileless-malware pe-file-injector python-pe-injector fileless-pe-injector

Updated Feb 8, 2025
Python

iss4cf0ng / dotNetPELoader

A C# PE loader for x64 and x86 PE files.

csharp dotnet x64 x86 csharp-code pe-file fileless peloader fileless-attack fileless-malware fileless-pe-injector fileless-injection x86loader x64loader

Updated Mar 9, 2026
C#

iss4cf0ng / Elfina

Elfina is a multi-architecture ELF loader written in Rust, supporting x86 and x86-64 binaries.

linux rust entropy linux-kernel elf hexdump c-language elf-loader elf-parser disasm c-lang elf-files fileless linux-elf fileless-malware elfina

Updated Mar 15, 2026
Rust

baycysec / plaguards

Plaguards: Open Source PowerShell Deobfuscation and IOC Detection Engine for Blue Teams. [Presented at Black Hat Asia and USA 2025 Arsenal]

python linux open-source ioc powershell deobfuscation pdf-report django-project fileless-malware plaguards

Updated Jan 4, 2026
Python

FUD-Crypter-Bypass-Windows-Defender

Workaholic9 / FUD-Crypter-Bypass-Windows-Defender

Origami Crypter with an updated version of the stub that bypasses windows defender.

packer backdoor dotnet malware crypter fud av-bypass crypter-fud reflective-loading fud-crypter defender-bypass wd-bypass fileless-malware

Updated Mar 13, 2025

JM00NJ / ICMP-Ghost-A-Fileless-x64-Assembly-C2-Agent

Ghost-C2 is a command-and-control framework written entirely in pure x64 Linux Assembly with no libc dependencies. Every operation goes through direct syscalls. There are no import tables, no dynamic linker artifacts, and no disk writes. The C2 channel runs over raw ICMP sockets, hiding inside standard diagnostic traffic.

linux assembly malware evasion compression-algorithm low-level-programming redteaming x64-assembly redteam-tools icmp-protocol c2-framework fileless-malware

Updated Apr 18, 2026
Assembly

cybersecurity-dev / awesome-fileless-malware-scientific-research

Awesome Fileless Malware Scientific Research

awesome awesome-list awesome-lists scientific-research fileless-attack fileless-malware filelessmalware

Updated Dec 24, 2025

Crypter-For-Sale-Bypassing-Windows-Defender

capitalcalculatorboy / Crypter-For-Sale-Bypassing-Windows-Defender

Selling crypter / crypter services bypassing windows defender. Private stub for each purchase. 50 dollars.

obfuscation malware rat obfuscator crypter fud crypter-fud fud-crypter fileless-malware crypter-service

Updated Apr 6, 2025

cybersecurity-dev / awesome-fileless-malware

Awesome Fileless Malware

awesome malware awesome-list malware-development awesome-lists fileless-malware

Updated Dec 1, 2025

Kovax00 / APT-Style-PowerShell

Proof of Concept que replica la técnica de evasión avanzada utilizada por APT35 (Charming Kitten) en su backdoor "PowerLess" (2021-2022).

powershell powershell-script offensive-security ethical-hacking red-team mitre-attack fileless-malware evasion-techniques apt-techniques apt35

Updated Jan 30, 2026

mazen91111 / GhostWrite

Fileless Persistence Engine -- 7 techniques that survive reboot without writing a single file to disk. Pure Go.

golang persistence wmi red-team mitre-attack windows-security com-hijacking fileless-malware

Updated Mar 1, 2026
Go

autopark530-rgb / Ransom-Win32-HelloMutex.A

For educational and cybersecurity purposes.

windows ioc pentesting dll-injection malware-analysis mitre-attack threat-detection living-off-the-land wsl2 dns-attacks cve-research fileless-malware vibe-coding ransomware-dectection

Updated Oct 29, 2025
HTML

cybersecurity-dev / Fileless-Malware-Cookbook

Fileless Malware Cookbook

malicious-scripts fileless-malware malicious-script filelessmalware malicious-powershell-scripts malicious-powershell-script malicious-bash-scripts malicious-bash-script

Updated Apr 1, 2026

SzokeMark-Andor / powershell-lotl-artifact

PowerShell benchmark and robust LOTL/fileless detection artifact with v9 and v10 evaluation outputs.

powershell cybersecurity malware-detection living-off-the-land fileless-malware

Updated Apr 13, 2026
PowerShell

Compcode1 / ioc21-cradle-powershell

This case, centered on a PowerShell download cradle, illustrates one of the most common but under-analyzed threats in modern enterprise environments.

powershell-cradles fileless-malware script-block-logging event-id-4104 host-based-triage

Updated May 23, 2025
Jupyter Notebook

3lvin-Kc / RustC2-main

This is a lightweight Command and Control (C2) tool built with Rust, featuring a minimal set of core functionalities

rust c2 fileless-malware

Updated Nov 28, 2025
Rust

Sayan690 / Weaponised-DFE

Fetch a remote C# Assembly and execute it in memory using Assembly.Load

flask csharp dotnet python3 ssl-certificates tls-certificate command-and-control dotnet-assembly fileless-malware

Updated Apr 8, 2025
Python

Improve this page

Add a description, image, and links to the fileless-malware topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the fileless-malware topic, visit your repo's landing page and select "manage topics."