Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆62May 3, 2024Updated last year
Alternatives and similar repositories for APT-Attack-Simulation
Users that are interested in APT-Attack-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c…☆17Jun 11, 2024Updated last year
- ☆45Apr 27, 2024Updated last year
- A multi web security purposes tool☆47Mar 31, 2026Updated last week
- Malicious powershell scripts loader designed to avoid detection.☆60Jun 16, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆286Apr 6, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 7 months ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated 2 years ago
- ☆17Oct 26, 2018Updated 7 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.☆835Jul 2, 2024Updated last year
- PhantomsGate: Advanced Shellcode Injection Technique☆29Jul 15, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆545Feb 13, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- shell code example☆68Dec 12, 2025Updated 4 months ago
- C2 redirector as a web API☆10May 22, 2021Updated 4 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆94Apr 23, 2025Updated 11 months ago
- Automate your C2 creation with Azure Frontdoor and randomly generated options☆15Sep 20, 2024Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆26Jul 26, 2024Updated last year
- Sleep Obfuscation☆824Dec 3, 2023Updated 2 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Finding Truth in the Shadows☆126Jan 26, 2023Updated 3 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆274Oct 31, 2024Updated last year
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆23Nov 20, 2022Updated 3 years ago
- Simple BOF to read the protection level of a process☆119May 10, 2023Updated 2 years ago
- Cobalt Strike random C2 Profile generator☆16Apr 3, 2026Updated last week
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆751May 23, 2025Updated 10 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits)☆22Jan 2, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆36Oct 31, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆331Jul 15, 2024Updated last year
- BSides Prishtina 2024 Malware Development and Persistence workshop☆130Mar 15, 2026Updated 3 weeks ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- Small project to facilitate creation of .lnk payloads☆82Nov 18, 2022Updated 3 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago