EvilBytecode / EDR-XDR-AV-Bypass-Shellcode-Loader
Bypassing Major EDRs with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.
★14 · Updated last week
Alternatives and similar repositories for EDR-XDR-AV-Bypass-Shellcode-Loader:
Users that are interested in EDR-XDR-AV-Bypass-Shellcode-Loader are comparing it to the libraries listed below
- Ransomware written in go, encrypt - decrypt. ★18 · Updated 9 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ★19 · Updated 8 months ago
- A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ★44 · Updated last year
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll, when … ★82 · Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implementation ★68 · Updated last year
- Multiple tactics to execute shellcode in go :} ★16 · Updated 8 months ago
- shellcode loader that uses indirect syscalls written in D Lang. The loader bypasses user-mode hooks by resolving system calls manually fro… ★9 · Updated 6 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ★41 · Updated 10 months ago
- Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages. ★42 · Updated 9 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ★90 · Updated 9 months ago
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes. ★11 · Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ★73 · Updated 7 months ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now. ★46 · Updated 10 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… ★20 · Updated last month
- A simple Sleepmask BOF example ★93 · Updated 6 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ★24 · Updated 6 months ago
- A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder. ★41 · Updated 6 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks ★98 · Updated 3 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ★106 · Updated last year
- Execute shellcode via Bluetooth device authentication ★35 · Updated last month
- A Mythic agent for Windows written in C ★104 · Updated this week
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ★39 · Updated 7 months ago
- Shellcode loader ★77 · Updated 4 months ago
- Load various payloads (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method… ★8 · Updated this week
- A fucking real shellcode loader with a GUI. Work-in-Progress. ★70 · Updated 2 months ago
- Null-free shellcode for TCP reverse shell on Windows x64 ★54 · Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ★68 · Updated last year
- Indirect Syscall with TartarusGate Approach in Go ★112 · Updated 3 months ago
- Parent Process ID Spoofing, coded in CGo. ★22 · Updated 9 months ago
- Implementation of Indirect Syscall technique to pop a calc.exe ★100 · Updated last year