0xTriboulet / RevenantLinks
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
☆382Updated last year
Alternatives and similar repositories for Revenant
Users that are interested in Revenant are comparing it to the libraries listed below
Sorting:
- Generate an obfuscated DLL that will disable AMSI & ETW☆328Updated last year
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆486Updated last year
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆309Updated last year
- Performing Indirect Clean Syscalls☆574Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆386Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆336Updated last year
- Kill AV/EDR leveraging BYOVD attack☆370Updated 2 years ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆423Updated 2 years ago
- Modules used by the Havoc Framework☆246Updated last year
- ☆363Updated last year
- Lifetime AMSI bypass☆639Updated last year
- shellcode loader for your evasion needs☆338Updated 3 months ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆430Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆570Updated 7 months ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆400Updated 2 years ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆253Updated 2 years ago
- Native Syscalls Shellcode Injector☆266Updated 2 years ago
- Materials for the workshop "Red Team Ops: Havoc 101"☆385Updated 10 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆713Updated 2 weeks ago
- ☆330Updated 2 years ago
- ☆260Updated last year
- My collection of malware dev links☆283Updated 2 months ago
- Analyse your malware to surgically obfuscate it☆493Updated 2 months ago
- A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods.☆206Updated 2 years ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆461Updated last year
- Protected Process Dumper Tool☆563Updated last year
- Amsi Bypass payload that works on Windwos 11☆377Updated 2 years ago
- transform your payload into ipv4/ipv6/mac arrays☆189Updated 3 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆495Updated 2 years ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.☆254Updated 10 months ago