0xTriboulet / Revenant
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
☆376Updated 8 months ago
Alternatives and similar repositories for Revenant:
Users that are interested in Revenant are comparing it to the libraries listed below
- Performing Indirect Clean Syscalls☆535Updated 2 years ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆433Updated last year
- Kill AV/EDR leveraging BYOVD attack☆352Updated last year
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆307Updated 8 months ago
- ☆324Updated last year
- Command and Control Framework written in C#☆399Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆368Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆548Updated 3 months ago
- Modules used by the Havoc Framework☆229Updated 10 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆469Updated last year
- Amsi Bypass payload that works on Windwos 11☆377Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆405Updated 10 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆671Updated last month
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆325Updated 9 months ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆321Updated 9 months ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆452Updated 9 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆500Updated last year
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆246Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆574Updated 9 months ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆397Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101"☆373Updated 6 months ago
- COM Hijacking VOODOO☆289Updated last month
- shellcode loader for your evasion needs☆317Updated 5 months ago
- ☆300Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆288Updated 11 months ago
- ☆255Updated last year
- ☆348Updated last year
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆416Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆310Updated last year
- Native Syscalls Shellcode Injector☆266Updated last year