AlteredSecurity / Disable-TamperProtection

Related projects: ⓘ

• OtterHacker / SetProcessInjection
  ☆142Updated 11 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆142Updated 3 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆151Updated 8 months ago
• nettitude / Tartarus-TpAllocInject
  ☆172Updated 9 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆91Updated last year
• BlackSnufkin / BYOVD
  Some POCs for my BYOVD research and find some vulnerable drivers
  ☆95Updated last week
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆268Updated last year
• ZERODETECTION / MSC_Dropper
  ☆119Updated last month
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆171Updated 7 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆94Updated last week
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆188Updated last year
• lem0nSec / KBlast
  Windows Kernel Offensive Toolset
  ☆111Updated last week
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆76Updated 4 months ago
• cybersectroll / TrollAMSI
  ☆131Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆59Updated 3 months ago
• Z4kSec / IoctlHunter
  IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.
  ☆83Updated 8 months ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆193Updated 3 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆170Updated last week
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated 9 months ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆175Updated 2 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 6 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆106Updated last month
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆77Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆136Updated last month
• securifybv / BOFRyptor
  ☆113Updated 11 months ago
• Wh04m1001 / CVE-2024-20656
  ☆125Updated 8 months ago
• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆155Updated 9 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆75Updated 6 months ago
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆242Updated last month
• Dump-GUY / EXE-or-DLL-or-ShellCode
  Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  ☆120Updated last week