Project developed for fun only that simulates APT 29 and LockBit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆61 · May 3, 2024 · Updated last year
Alternatives and similar repositories for APT-Attack-Simulation
Users that are interested in APT-Attack-Simulation are comparing it to the libraries listed below
- Basic network security tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c… ☆17 · Jun 11, 2024 · Updated last year
- ☆44 · Apr 27, 2024 · Updated last year
- A multi-purpose web security tool ☆47 · Feb 23, 2026 · Updated last week
- Malicious PowerShell script loader designed to avoid detection. ☆61 · Jun 16, 2023 · Updated 2 years ago
- IAT Unhooking proof-of-concept ☆34 · Apr 7, 2024 · Updated last year
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e… ☆26 · Sep 25, 2023 · Updated 2 years ago
- C2 redirector as a web API ☆10 · May 22, 2021 · Updated 4 years ago
- Signature finder (from PE-bear) ☆40 · Aug 25, 2025 · Updated 6 months ago
- Some of the techniques used in Windows malware: persistence (Registry HKCU, startup), disable Windows Firewall, disable Windows Defender ☆23 · Nov 20, 2022 · Updated 3 years ago
- PhantomsGate: Advanced Shellcode Injection Technique ☆26 · Jul 15, 2024 · Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft ☆52 · May 16, 2024 · Updated last year
- DLL Hijacking and Mock directories technique to bypass the Windows UAC security feature and get a high-privileged reverse shell. Secu… ☆43 · May 18, 2024 · Updated last year
- HTML smuggling is not an evil, it can be useful ☆14 · Jan 28, 2023 · Updated 3 years ago
- Cobalt Strike random C2 Profile generator ☆16 · Feb 23, 2026 · Updated last week
- Toolkit of Projects to attack and evade Event Trace for Windows ☆26 · Aug 28, 2025 · Updated 6 months ago
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits) ☆22 · Jan 2, 2026 · Updated 2 months ago
- Shellcode example ☆68 · Dec 12, 2025 · Updated 2 months ago
- Finding Truth in the Shadows ☆123 · Jan 26, 2023 · Updated 3 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer ☆539 · Feb 13, 2024 · Updated 2 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆283 · Sep 18, 2024 · Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed to achieve stealth through API unhooking, direct and indirect syscalls… ☆93 · Apr 23, 2025 · Updated 10 months ago
- Generic PE loader for fast prototyping evasion techniques ☆244 · Jul 2, 2024 · Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆283 · Apr 6, 2025 · Updated 10 months ago
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group. ☆833 · Jul 2, 2024 · Updated last year
- Cracked version of LockBit Ransomware Including the missing Locker files. Including source code. ☆19 · Sep 21, 2023 · Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 · Oct 31, 2023 · Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop ☆127 · Jan 1, 2026 · Updated 2 months ago
- Beacon Object File implementation of Yaxser's Backstab ☆15 · Mar 9, 2022 · Updated 3 years ago
- Sleep Obfuscation ☆816 · Dec 3, 2023 · Updated 2 years ago
- Small project to facilitate creation of .lnk payloads