Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates directly on the Go Abstract Syntax Tree (AST) and generates both obfuscated source files and runtime decryption logic.
☆122Jul 19, 2025Updated 7 months ago
Alternatives and similar repositories for Ebyte-Go-Morpher
Users that are interested in Ebyte-Go-Morpher are comparing it to the libraries listed below
Sorting:
- ☆21Jan 8, 2026Updated last month
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆59Jul 13, 2025Updated 7 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …☆110Jul 21, 2025Updated 7 months ago
- Persist like a Dodder☆67May 19, 2025Updated 9 months ago
- Windows anti-debugging sandbox☆40Dec 24, 2025Updated 2 months ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆25Apr 21, 2025Updated 10 months ago
- Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.☆21Apr 21, 2025Updated 10 months ago
- An OpenAI API Compatible Honeypot Gateway☆17Mar 17, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆50Jul 6, 2025Updated 7 months ago
- Indirect Syscall with TartarusGate Approach in Go☆134Jul 8, 2025Updated 7 months ago
- 🖥️ Windows 🚀 A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during …☆54Jan 26, 2026Updated last month
- Ghosting-AMSI☆224Apr 24, 2025Updated 10 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆199Dec 30, 2025Updated last month
- Seamless remote browser session control☆225Jan 28, 2026Updated 3 weeks ago
- This JavaScript CLI "undeletes' packages that have been removed from the NPM registry☆29Dec 18, 2025Updated 2 months ago
- ☆52Jul 8, 2025Updated 7 months ago
- AI-based implant feature☆25Apr 28, 2025Updated 9 months ago
- ☆47Dec 5, 2025Updated 2 months ago
- ☆33Mar 19, 2025Updated 11 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆203Mar 6, 2025Updated 11 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- Runtime enforcement of software supply chain capabilities in Go☆19Nov 12, 2025Updated 3 months ago
- Make your programs stealthier🐝☆202Jun 12, 2025Updated 8 months ago
- A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…☆315Feb 8, 2026Updated 2 weeks ago
- Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ON…☆840Dec 10, 2025Updated 2 months ago
- A 64 bit executable junk code engine for polymorphic malware.☆76Jun 16, 2025Updated 8 months ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.☆23Jan 30, 2026Updated 3 weeks ago
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 7 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 9 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆104Nov 7, 2025Updated 3 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 9 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆162Aug 30, 2025Updated 5 months ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆107Sep 4, 2025Updated 5 months ago
- Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.☆46Apr 27, 2025Updated 10 months ago