Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆61May 3, 2024Updated last year
Alternatives and similar repositories for APT-Attack-Simulation
Users that are interested in APT-Attack-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c…☆17Jun 11, 2024Updated last year
- ☆45Apr 27, 2024Updated last year
- A multi web security purposes tool☆47Mar 1, 2026Updated 3 weeks ago
- Malicious powershell scripts loader designed to avoid detection.☆61Jun 16, 2023Updated 2 years ago
- Cracked version of LockBit Ransomware Including the missing Locker files. Including source code.☆19Sep 21, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 6 months ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques and used by Patchwork group.☆835Jul 2, 2024Updated last year
- PhantomsGate: Advanced Shellcode Injection Technique☆27Jul 15, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆544Feb 13, 2024Updated 2 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- shell code example☆68Dec 12, 2025Updated 3 months ago
- C2 redirector as a web API☆10May 22, 2021Updated 4 years ago
- �Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆93Apr 23, 2025Updated 11 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Automate your C2 creation with Azure Frontdoor and randomly generated options☆15Sep 20, 2024Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- Sleep Obfuscation☆825Dec 3, 2023Updated 2 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆26Jul 26, 2024Updated last year
- Finding Truth in the Shadows☆125Jan 26, 2023Updated 3 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆272Oct 31, 2024Updated last year
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆23Nov 20, 2022Updated 3 years ago
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Oct 31, 2023Updated 2 years ago
- Simple BOF to read the protection level of a process☆119May 10, 2023Updated 2 years ago
- Cobalt Strike random C2 Profile generator☆16Mar 4, 2026Updated 2 weeks ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆751May 23, 2025Updated 10 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits)☆22Jan 2, 2026Updated 2 months ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆331Jul 15, 2024Updated last year
- BSides Prishtina 2024 Malware Development and Persistence workshop☆129Mar 15, 2026Updated last week
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆18May 28, 2024Updated last year
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago
- Small project to facilitate creation of .lnk payloads☆81Nov 18, 2022Updated 3 years ago