Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.
☆21Apr 21, 2025Updated 10 months ago
Alternatives and similar repositories for Evilbytecode-Anti-VM
Users that are interested in Evilbytecode-Anti-VM are comparing it to the libraries listed below
Sorting:
- Kill malawarebytes process. Can be ported to any programming language.☆12Apr 21, 2025Updated 10 months ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a W…☆10Apr 21, 2025Updated 10 months ago
- Ransomware written in go, encrypt - decrypt.☆30Apr 27, 2025Updated 10 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆10Apr 21, 2025Updated 10 months ago
- A malicous Golang Package☆15Apr 21, 2025Updated 10 months ago
- VBS-Obfuscator-GO is a Go-based tool designed for obfuscating VBScript (VBS) files. It transforms readable VBScript code into a less reco…☆38Apr 21, 2025Updated 10 months ago
- golang decryption poc of the new app bound encryption introduced in chrome version 127.☆22Nov 4, 2024Updated last year
- extract chromium-based browser's cookies using chrome's remote debugging without admin rights☆22Nov 3, 2024Updated last year
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 9 months ago
- Near compile-time string obfuscation for Golang☆13Oct 3, 2023Updated 2 years ago
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆15Apr 21, 2025Updated 10 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 9 months ago
- Misery Loader to bypass modern EDR solutions☆18Dec 20, 2024Updated last year
- Spoof the return address of any function call.☆11Jul 21, 2024Updated last year
- 🔑 Open source stealer written in Go, all logs will be sent to Telegram bot.☆139Apr 27, 2025Updated 10 months ago
- ☆12Aug 30, 2024Updated last year
- Troll TaskManager, and play with it .☆30Aug 3, 2025Updated 6 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 9 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆92Apr 27, 2025Updated 10 months ago
- A network packet synthesis language☆22Updated this week
- Shellcode encoder&loader written in Go language, which can encrypt binary or PE files. It offers a variety of complex encryption algorith…☆20May 24, 2024Updated last year
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates …☆122Jul 19, 2025Updated 7 months ago
- The script checks Jenkins endpoints for CVE-2024-43044 by retrieving the Jenkins version from the innstance and comparing it against know…☆19Aug 8, 2024Updated last year
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- V8sandbox_bypass using stack misalignment☆23Aug 25, 2024Updated last year
- Bypassing Major EDR's with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.☆26Apr 21, 2025Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 10 months ago
- Parent Process ID Spoofing, coded in CGo.☆24Apr 21, 2025Updated 10 months ago
- Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense.☆28Apr 21, 2025Updated 10 months ago
- poc code for CVE-2024-38080☆30Sep 1, 2024Updated last year
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆294Apr 21, 2025Updated 10 months ago
- Something about me!☆11Updated this week
- 2019☆11Aug 11, 2018Updated 7 years ago
- Javascript keylogger in a chrome extension that sends keystrokes to discord☆10Jan 5, 2024Updated 2 years ago
- Golang bindings for PE-sieve☆42Nov 11, 2023Updated 2 years ago
- 该漏洞存在于 NtQueryInformationToken 函数中,特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。☆40Jul 5, 2024Updated last year
- Script that can scrape and add members in your Telegram Group.☆11Nov 4, 2023Updated 2 years ago
- launchpad smart contract create token, bonding curve, pool creation on solana☆11Aug 8, 2024Updated last year