22 results found Sort:
- Filter by Primary Language:
- C (8)
- Python (4)
- C++ (3)
- Assembly (2)
- Go (1)
- Nim (1)
- PowerShell (1)
- C# (1)
- +
Template-Driven AV/EDR Evasion Framework
Created
2021-08-02
58 commits to main branch, last one about a year ago
Awesome EDR Bypass Resources For Ethical Hacking
Created
2023-04-19
8 commits to main branch, last one 10 days ago
A Highly capable Pe Packer
Created
2022-10-12
16 commits to main branch, last one about a year ago
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Created
2023-04-30
1,148 commits to main branch, last one 5 months ago
Automated DLL Sideloading Tool With EDR Evasion Capabilities
Created
2023-05-15
94 commits to main branch, last one 6 months ago
Materials for the workshop "Red Team Ops: Havoc 101"
Created
2023-02-17
109 commits to main branch, last one about a year ago
indirect syscalls for AV/EDR evasion in Go assembly
Created
2023-04-07
68 commits to main branch, last one about a year ago
This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)...
Created
2022-03-27
34 commits to main branch, last one about a year ago
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
Created
2024-05-24
6 commits to main branch, last one about a month ago
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
Created
2023-03-03
4 commits to main branch, last one 22 days ago
A C2 framework for initial access in Go
Created
2021-07-16
345 commits to master branch, last one about a year ago
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
Created
2024-05-03
10 commits to main branch, last one about a month ago
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
Created
2023-05-23
10 commits to main branch, last one 5 months ago
Small PoC of using a Microsoft signed executable as a lolbin.
Created
2023-02-27
2 commits to main branch, last one about a year ago
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
Created
2023-04-14
17 commits to main branch, last one about a year ago
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
Created
2022-04-08
5 commits to main branch, last one 2 years ago
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service p...
Created
2023-05-08
12 commits to main branch, last one about a year ago
frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR'...
Created
2023-03-23
4 commits to main branch, last one about a year ago
Nim process hollowing loader
Created
2023-04-15
120 commits to main branch, last one 2 months ago
silence file system monitoring components by hooking their minifilters
Created
2023-10-30
44 commits to main branch, last one 4 months ago
Hidedump:a lsassdump tools that may bypass EDR
Created
2024-05-23
3 commits to main branch, last one about a month ago
PowerJoker is a Dynamic PowerShell Reverse-Shell Generator; Unique Payloads with different results on Each Execution.
Created
2023-03-17
30 commits to main branch, last one 2 months ago