D1rkMtr / AmsiScanBuffer
☆38Updated this week
Related projects: ⓘ
- ☆25Updated this week
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- ☆38Updated 11 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆50Updated last year
- Sleep Obfuscation☆39Updated last year
- ☆50Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆37Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- This is my own implementation of the Perun's Fart technique by Sektor7☆64Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆32Updated 8 months ago
- ☆29Updated last year
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆73Updated 2 years ago
- ☆17Updated this week
- ☆52Updated this week
- Example of using Sleep to create better named pipes.☆41Updated last year
- ☆20Updated 3 months ago
- A care package of useful bofs for red team engagments☆47Updated last year
- ☆33Updated last year
- ☆47Updated last year
- ☆54Updated last month
- BYOVD collection☆19Updated 5 months ago
- ☆27Updated 3 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated last week
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆50Updated 6 months ago
- A VSCode plugin to assist with BOF development.☆29Updated last month
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- ☆24Updated this week