CyberSecurityUP / Offensive-Windows-Drivers-DevelopmentLinks
☆161Updated 6 months ago
Alternatives and similar repositories for Offensive-Windows-Drivers-Development
Users that are interested in Offensive-Windows-Drivers-Development are comparing it to the libraries listed below
Sorting:
- ☆156Updated 3 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆155Updated last month
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆132Updated 3 months ago
- A PoC for Early Cascade process injection technique.☆193Updated 7 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆114Updated 3 weeks ago
- Injecting DLL into LSASS at boot☆137Updated 4 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆197Updated 6 months ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆97Updated 3 months ago
- kernel callback removal (Bypassing EDR Detections)☆188Updated 5 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆140Updated 7 months ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆180Updated last year
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆120Updated 8 months ago
- Generate an Alphabetical Polymorphic Shellcode☆115Updated 3 weeks ago
- My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…☆88Updated 3 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 8 months ago
- early cascade injection PoC based on Outflanks blog post☆230Updated 10 months ago
- Ghosting-AMSI☆212Updated 4 months ago
- Stage 0☆164Updated 8 months ago
- Sleep obfuscation☆233Updated 9 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆255Updated 5 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆80Updated 4 months ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆152Updated last year
- ☆157Updated 9 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆87Updated 4 months ago
- Windows rootkit designed to work with BYOVD exploits☆206Updated 7 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆207Updated last year
- Evade EDR's the simple way, by not touching any of the API's they hook.☆154Updated 7 months ago
- ☆200Updated last year
- A POC to disable TamperProtection and other Defender / MDE components☆228Updated last year