14 results found Sort:

ayoubfaouzi
al-khaser ayoubfaouzi
1.2k
6.0k
gpl-2.0
241
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
anti-vm malware av-bypass anti-sandbox anti-analysis anti-debugging anti-emulation code-injection timing-attacks sandbox-evasion anti-disassembly
Created 2015-11-12
533 commits to master branch, last one 2 months ago
klezVirus
inceptor klezVirus
266
1.6k
other
35
Template-Driven AV/EDR Evasion Framework
dinvoke pinvoke red-team av-bypass pe-packer av-evasion edr-bypass amsi-bypass obfuscation red-teaming amsi-evasion av-edr-bypass code-injection payload-generator process-injection
Created 2021-08-02
58 commits to main branch, last one about a year ago
hlldz
SpookFlare hlldz
187
947
apache-2.0
50
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
bypass loader dropper av-bypass av-evasion obfuscation endpoint-bypass antivirus-evasion antivirus-testing
This repository has been archived (exclude archived)
Created 2017-11-13
24 commits to master branch, last one 5 years ago
yutianqaq
AVEvasionCraftOnline yutianqaq
54
321
mit
6
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.
bypass golang online redteam av-bypass av-evasion redteaming redteam-tools bypass-antivirus antivirus-evasion
Created 2024-01-24
27 commits to main branch, last one 7 months ago
thomasxm
BOAZ_beta thomasxm
54
288
gpl-3.0
18
Multilayered AV/EDR Evasion Framework
boaz red-ream av-bypass pe-packer av-evasion edr-bypass etw-bypass obfuscation red-teaming av-edr-bypass code-injection antivirus-evasion payload-generator process-injection red-teaming-tools
Created 2024-05-26
138 commits to main branch, last one 3 months ago
SubGlitch1
OSRipper SubGlitch1
48
277
mit
15
AV evading OSX Backdoor and Crypter Framework
fud rat miner python crypter malware backdoor av-bypass keylogger crypter-fud silent-miner backdoorpython antivirus-evasion antivirus-testing malware-development
Created 2022-02-28
175 commits to main branch, last one 9 months ago
Cipher7
ChaiLdr Cipher7
29
211
mit
4
AV bypass while you sip your Chai!
loader malware av-bypass av-evasion red-teaming malware-development
Created 2024-03-29
22 commits to main branch, last one 8 months ago
VirtualAlllocEx
Direct-Syscalls-vs-Indirect-Syscalls VirtualAlllocEx
22
165
unknown
5
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
av-bypass av-evasion edr-bypass edr-evasion windows-int direct-syscalls shellcode-loader indirect-syscalls
Created 2023-05-23
10 commits to main branch, last one 11 months ago
VirtualAlllocEx
Direct-Syscalls-A-journey-from-high-to-low VirtualAlllocEx
21
131
unknown
3
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
av-bypass av-evasion edr-bypass edr-evasion direct-syscalls
Created 2023-04-14
17 commits to main branch, last one about a year ago
njcve
inflate.py njcve
15
119
unknown
1
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
antivirus av-bypass bugbounty av-evasion edr-bypass evasion-attack antivirus-evasion endpoint-security
Created 2022-04-08
5 commits to main branch, last one 2 years ago
Cipher7
ApexLdr Cipher7
18
104
mit
4
ApexLdr is a DLL Payload Loader written in C
loader malware av-bypass av-evasion threadpool red-teaming dll-unhooking dll-sideloading indirect-syscall shellcode-loader
Created 2024-06-16
37 commits to main branch, last one 5 months ago
Sn1r
Nim-Reverse-Shell Sn1r
23
85
mit
2
A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educ...
nim nim-lang av-bypass av-evasion reverse-shell antivirus-bypass antivirus-evasion
Created 2023-07-14
4 commits to main branch, last one about a year ago
VirtualAlllocEx
DSC_SVC_REMOTE VirtualAlllocEx
10
50
unknown
2
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service p...
av-bypass av-evasion edr-bypass edr-evasion direct-syscalls
Created 2023-05-08
12 commits to main branch, last one about a year ago
malwarekid
Inject-EXE malwarekid
6
28
mit
1
The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both th...
exe bypass evasion malware python3 bind-exe av-bypass exe-packer inject-exe malware-bypass packer-builder malware-packers antivirus-bypass
Created 2024-06-29
4 commits to main branch, last one 5 months ago