EvilBytecode / Evilbytecode-Anti-VM
Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.
☆18Updated 5 months ago
Alternatives and similar repositories for Evilbytecode-Anti-VM:
Users that are interested in Evilbytecode-Anti-VM are comparing it to the libraries listed below
- GetSyscallStubCGo.☆9Updated 5 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆18Updated 6 months ago
- Near compile-time string obfuscation for Golang☆13Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆10Updated 5 months ago
- Change hash for a signed pe☆15Updated last year
- Ransomware written in go, encrypt - decrypt.☆16Updated 7 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆42Updated 10 months ago
- ☆38Updated 7 months ago
- golang decryption poc of the new app bound encryption introduced in chrome version 127.☆19Updated 2 months ago
- Windows C++ Implant for Exploration C2☆23Updated this week
- Plantronics Desktop Hub LPE☆37Updated 8 months ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆43Updated 11 months ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆21Updated 8 months ago
- C# API for Nidhogg rootkit☆16Updated 9 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆38Updated 2 months ago
- ☆43Updated last week
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆67Updated 2 weeks ago
- a demo module for the kaine agent to execute and inject assembly modules☆38Updated 5 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 4 months ago
- A malicous Golang Package☆11Updated 7 months ago
- converts sRDI compatible dlls to shellcode☆18Updated last week
- Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a W…☆10Updated 6 months ago
- Core Submodule of Exploration C2☆14Updated this week
- ☆36Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆70Updated 11 months ago
- In-memory hiding technique☆45Updated 3 weeks ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆41Updated last year
- A COFF Loader written in Rust☆56Updated this week
- Indirect NT syscalls LSASS dumper.☆40Updated last year
- dump Chrome cookies remotely with atexec and CDP☆67Updated 5 months ago