Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆63May 3, 2024Updated 2 years ago
Alternatives and similar repositories for APT-Attack-Simulation
Users that are interested in APT-Attack-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c…☆17Jun 11, 2024Updated 2 years ago
- ☆45Apr 27, 2024Updated 2 years ago
- A multi web security purposes tool☆47May 29, 2026Updated 2 weeks ago
- Malicious powershell scripts loader designed to avoid detection.☆60Jun 16, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆287Apr 6, 2025Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- Signature finder (from PE-bear)☆40Jun 5, 2026Updated last week
- IAT Unhooking proof-of-concept☆33Apr 7, 2024Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated 2 years ago
- Generic PE loader for fast prototyping evasion techniques☆246Jul 2, 2024Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.☆842Jul 2, 2024Updated last year
- PhantomsGate: Advanced Shellcode Injection Technique☆28Jul 15, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆551Feb 13, 2024Updated 2 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- shell code example☆69Dec 12, 2025Updated 6 months ago
- C2 redirector as a web API☆10May 22, 2021Updated 5 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆285Sep 18, 2024Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆94Apr 23, 2025Updated last year
- Automate your C2 creation with Azure Frontdoor and randomly generated options☆15Sep 20, 2024Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated 2 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆27Jul 26, 2024Updated last year
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- Sleep Obfuscation☆835Dec 3, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆274Oct 31, 2024Updated last year
- converts sRDI compatible dlls to shellcode☆39Jan 20, 2025Updated last year
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆23Nov 20, 2022Updated 3 years ago
- Simple BOF to read the protection level of a process☆123May 10, 2023Updated 3 years ago
- Cobalt Strike random C2 Profile generator☆18Apr 3, 2026Updated 2 months ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆762May 23, 2025Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆36Oct 31, 2023Updated 2 years ago
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits)☆22Jan 2, 2026Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Generate an obfuscated DLL that will disable AMSI & ETW☆334Jul 15, 2024Updated last year
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated 2 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago
- Small project to facilitate creation of .lnk payloads☆82Nov 18, 2022Updated 3 years ago
- Production-ready KQL queries for Microsoft Defender XDR and Microsoft Sentinel. Focused on Threat Hunting, Detection Engineering, and MIT…☆107Updated this week
- Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process☆75May 19, 2024Updated 2 years ago