Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆62May 3, 2024Updated 2 years ago
Alternatives and similar repositories for APT-Attack-Simulation
Users that are interested in APT-Attack-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c…☆17Jun 11, 2024Updated last year
- ☆45Apr 27, 2024Updated 2 years ago
- A multi web security purposes tool☆47Mar 31, 2026Updated last month
- Malicious powershell scripts loader designed to avoid detection.☆59Jun 16, 2023Updated 2 years ago
- Cracked version of LockBit Ransomware Including the missing Locker files. Including source code.☆19Sep 21, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆285Apr 6, 2025Updated last year
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 8 months ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.☆836Jul 2, 2024Updated last year
- PhantomsGate: Advanced Shellcode Injection Technique☆29Jul 15, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆549Feb 13, 2024Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- shell code example☆68Dec 12, 2025Updated 4 months ago
- C2 redirector as a web API☆10May 22, 2021Updated 4 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆284Sep 18, 2024Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆95Apr 23, 2025Updated last year
- Automate your C2 creation with Azure Frontdoor and randomly generated options☆15Sep 20, 2024Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆27Jul 26, 2024Updated last year
- Finding Truth in the Shadows☆127Jan 26, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Sleep Obfuscation☆836Dec 3, 2023Updated 2 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆274Oct 31, 2024Updated last year
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆24Nov 20, 2022Updated 3 years ago
- Cobalt Strike random C2 Profile generator☆16Apr 3, 2026Updated last month
- Simple BOF to read the protection level of a process☆122May 10, 2023Updated 2 years ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆756May 23, 2025Updated 11 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits)☆22Jan 2, 2026Updated 4 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆36Oct 31, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆332Jul 15, 2024Updated last year
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆132Apr 18, 2026Updated 2 weeks ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago
- Small project to facilitate creation of .lnk payloads☆82Nov 18, 2022Updated 3 years ago