33 results found Sort:

bytecode77
r77-rootkit bytecode77
378
1.5k
bsd-2-clause
41
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
rootkit fileless av-evasion
Created 2017-12-17
95 commits to master branch, last one about a month ago
klezVirus
inceptor klezVirus
261
1.5k
other
35
Template-Driven AV/EDR Evasion Framework
dinvoke pinvoke red-team av-bypass pe-packer av-evasion edr-bypass amsi-bypass obfuscation red-teaming amsi-evasion av-edr-bypass code-injection payload-generator process-injection
Created 2021-08-02
58 commits to main branch, last one about a year ago
TryCatchHCF
Cloakify TryCatchHCF
231
1.5k
mit
61
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting C...
dlp stego cipher hacking infosec pentest privacy red-team security av-evasion pentesting cryptography exfiltration hacking-tool pentest-tool hacking-tools pentest-tools steganography security-tools data-exfiltration
Created 2016-05-07
117 commits to master branch, last one 4 years ago
swagkarna
Defeat-Defender-V1.2.0 swagkarna
302
1.4k
gpl-3.0
44
Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
fud batch bypass dropper hacking malware payload defender antivirus hack-tool av-evasion hackwindows undetectable bypass-defender malware-dropper bypass-antivirus proof-of-concept disable-windows-defender
Created 2020-12-10
288 commits to main branch, last one 8 months ago
Ch0pin
AVIator Ch0pin
220
1.0k
gpl-3.0
36
Antivirus evasion project
av-b virus bypass trojan crypter windows backdoor antivirus backdoors injection shellcode av-evasion backdooring virus-total antivirus-testing
Created 2018-04-14
84 commits to master branch, last one 2 years ago
hlldz
SpookFlare hlldz
190
944
apache-2.0
50
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
bypass loader dropper av-bypass av-evasion obfuscation endpoint-bypass antivirus-evasion antivirus-testing
This repository has been archived (exclude archived)
Created 2017-11-13
24 commits to master branch, last one 5 years ago
lengjibo
FourEye lengjibo
153
744
apache-2.0
16
AV Evasion Tool For Red Team Ops
redteam bypassav shellcode av-evasion antivirus-evasion
Created 2020-12-11
28 commits to main branch, last one 2 years ago
klezVirus
SilentMoonwalk klezVirus
94
625
bsd-3-clause
11
PoC Implementation of a fully dynamic call stack spoofer
av-evasion edr-evasion thread-stack stack-spoofing
Created 2022-12-04
7 commits to master branch, last one about a year ago
bytecode77
pe-union bytecode77
140
610
bsd-2-clause
37
Crypter, binder & downloader with native & .NET stub, evasive by design, user friendly UI
binder crypter av-evasion downloader obfuscation
Created 2017-12-27
75 commits to master branch, last one 2 years ago
GetRektBoy724
SharpUnhooker GetRektBoy724
77
385
unknown
4
C# Based Universal API Unhooker
dll csharp windows red-team av-evasion pentesting windows-api
Created 2021-05-17
73 commits to main branch, last one 2 years ago
f1zm0
hades f1zm0
46
329
gpl-3.0
7
Go shellcode loader that combines multiple evasion techniques
ntapi ntdll golang evasion syscalls av-evasion pentesting edr-evasion red-teaming offensive-security adversary-emulation
Created 2022-10-11
49 commits to main branch, last one about a year ago
pard0p
CallstackSpoofingPOC pard0p
62
309
mit
3
C++ self-Injecting dropper based on various EDR evasion techniques.
dropper av-evasion edr-evasion indirect-syscall
Created 2023-10-08
20 commits to main branch, last one 4 months ago
WesleyWong420
RedTeamOps-Havoc-101 WesleyWong420
44
308
unknown
5
Materials for the workshop "Red Team Ops: Havoc 101"
havoc opsec av-evasion edr-bypass red-team-ops active-directory process-injection
Created 2023-02-17
109 commits to main branch, last one about a year ago
D3Ext
maldev D3Ext
28
297
mit
5
Golang library for malware development
go golang maldev infosec malware red-team shellcode av-evasion encryption kali-linux pentesting development cryptography
Created 2022-12-29
72 commits to main branch, last one 9 months ago
f1zm0
acheron f1zm0
33
292
mit
6
indirect syscalls for AV/EDR evasion in Go assembly
go golang evasion assembly red-team av-evasion edr-bypass edr-evasion red-teaming malware-research offensive-security adversary-emulation
Created 2023-04-07
68 commits to main branch, last one about a year ago
yutianqaq
AVEvasionCraftOnline yutianqaq
42
235
mit
4
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.
bypass golang online redteam av-bypass av-evasion redteaming redteam-tools bypass-antivirus antivirus-evasion
Created 2024-01-24
27 commits to main branch, last one about a month ago
AdvDebug
AntiCrack-DotNet AdvDebug
52
214
mit
10
C# Project contains a plenty of Advanced Anti-Debugging, Anti-Virtualization, Anti Dll-Injection and Anti-Hooking Techniques.
csharp anti-vm evasion malware cracking debugger antidebug debugging sandboxie anti-debug av-evasion protection vm-evasion anti-sandbox anti-debugger dll-injection anti-debugging anti-detection virtualization reverse-engineering
Created 2021-11-03
88 commits to main branch, last one 19 days ago
GetRektBoy724
BetterXencrypt GetRektBoy724
45
207
gpl-3.0
9
A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.
avs fud amsi crypter payload windows av-evasion powershell bypass-antivirus
Created 2021-04-03
30 commits to main branch, last one 3 years ago
Cipher7
ChaiLdr Cipher7
21
163
mit
3
AV bypass while you sip your Chai!
loader malware av-bypass av-evasion red-teaming malware-development
Created 2024-03-29
22 commits to main branch, last one 2 months ago
VirtualAlllocEx
Direct-Syscalls-vs-Indirect-Syscalls VirtualAlllocEx
18
136
unknown
4
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
av-bypass av-evasion edr-bypass edr-evasion windows-int direct-syscalls shellcode-loader indirect-syscalls
Created 2023-05-23
10 commits to main branch, last one 5 months ago
VirtualAlllocEx
Direct-Syscalls-A-journey-from-high-to-low VirtualAlllocEx
19
121
unknown
2
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
av-bypass av-evasion edr-bypass edr-evasion direct-syscalls
Created 2023-04-14
17 commits to main branch, last one about a year ago
njcve
inflate.py njcve
15
115
unknown
1
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
antivirus av-bypass bugbounty av-evasion edr-bypass evasion-attack antivirus-evasion endpoint-security
Created 2022-04-08
5 commits to main branch, last one 2 years ago
yutianqaq
BypassAV-Online yutianqaq
11
115
apache-2.0
2
An online AV evasion platform written in Springboot (Golang, Nim, C) supports inline, local and remote loading of Shellocde methods.
c go nim redteam bypassav av-evasion springboot antivirus-evasion
Created 2023-12-28
41 commits to main branch, last one 5 months ago
AdvDebug
MineRootkit AdvDebug
15
64
mit
5
PoC Windows Usermode Rootkit made in C# and C++, made to show you how to protect your process using hooking.
av cpp csharp evasion malware rootkit windows usermode user-mode av-evasion rootkit-windows malware-analysis malware-research user-mode-rootkit malware-protection
This repository has been archived (exclude archived)
Created 2021-11-12
47 commits to main branch, last one 8 months ago
Sn1r
Nim-Reverse-Shell Sn1r
20
63
mit
2
A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educ...
nim nim-lang av-bypass av-evasion reverse-shell antivirus-bypass antivirus-evasion
Created 2023-07-14
4 commits to main branch, last one 11 months ago
GetRektBoy724
TripleS GetRektBoy724
15
62
unknown
4
Extracting Syscall Stub, Modernized
csharp syscall windows av-evasion pentesting red-teaming
Created 2021-07-15
17 commits to main branch, last one 2 years ago
tid4l
TallGrass tid4l
8
58
gpl-3.0
3
An AV exclusion enumeration tool written in Python.
python red-team av-evasion enumeration cybersecurity windows-defender windows-registry
Created 2022-02-17
2 commits to main branch, last one 2 years ago
padovah4ck
RedSharp padovah4ck
23
55
bsd-3-clause
4
Penetration Test / Read Team - C# tools repository
c-sharp windows av-evasion meterpreter reverse-shell bypass-antivirus penetration-test shellcode-injector
Created 2018-10-22
19 commits to master branch, last one 2 years ago
Chainski
AES-Encoder Chainski
15
50
gpl-3.0
1
PowerShell Obfuscator. A PowerShell script anti-virus evasion tool
fud crypter hacking red-team security xencrypt ctf-tools av-evasion encryption powershell aes-encoder amsi-bypass cryptography cobalt-strike security-tools powershell-tools penetration-testing powershell-obfuscator powershell-bypass-amsi encrypt-powershell-script
Created 2022-10-21
49 commits to main branch, last one about a month ago
VirtualAlllocEx
DSC_SVC_REMOTE VirtualAlllocEx
10
47
unknown
2
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service p...
av-bypass av-evasion edr-bypass edr-evasion direct-syscalls
Created 2023-05-08
12 commits to main branch, last one about a year ago