Alternatives and similar repositories for Evilbytecode-Shellcode-Go-Tactics:

Users that are interested in Evilbytecode-Shellcode-Go-Tactics are comparing it to the libraries listed below

• kyxiaxiang / AV_EDR_EPP_Notes
  ☆45Updated 9 months ago
• Vasco0x4 / ShadeLoader
  ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过
  ☆39Updated 5 months ago
• b4nbird / shellcode_entropy_less
  replace the shellcode chatacters so that reduce the entropy
  ☆16Updated last year
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆41Updated 9 months ago
• kyxiaxiang / Safetasklist
  Help red teams find opsec processes during engagements
  ☆22Updated last month
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆56Updated last year
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆18Updated 6 months ago
• HackerCalico / SigLocator
  Efficient RAT signature locator for bypassing AV/EDR, supporting static scanning and memory scanning.
  ☆28Updated 3 months ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆80Updated 2 years ago
• BambiZombie / ThreadlessSpawn
  A Simple PoC
  ☆19Updated 8 months ago
• kyxiaxiang / JSBypassAV
  ☆21Updated last year
• EvilBytecode / EByte-VBS-Obfuscator-Go
  VBS-Obfuscator-GO is a Go-based tool designed for obfuscating VBScript (VBS) files. It transforms readable VBScript code into a less reco…
  ☆33Updated 5 months ago
• 0x00Check / Amaterasu
  Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…
  ☆71Updated 11 months ago
• CBLabresearch / PhantomExecution
  Self Cleanup in post-ex job
  ☆48Updated 4 months ago
• b4nbird / shellcodeLoaders
  ☆27Updated last year
• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆81Updated 4 months ago
• maxDcb / C2TeamServer
  TeamServer and Client of Exploration Command and Control Framework
  ☆83Updated this week
• Haunted-Banshee / Shellcode-Hastur
  Shellcode Reductio Entropy Tools
  ☆64Updated last year
• WafflesExploits / CobaltStrike-YARA-Bypass-f0b627fc
  Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellco…
  ☆26Updated 3 months ago
• timwhitez / BinHol
  Binary Hollowing
  ☆68Updated 4 months ago
• Florian-Hoth / CVE-2024-38100-RCE-POC
  CVE-2024-38100 Windows Leaked Wallpaper Escelation to RCE vulnerability
  ☆11Updated 5 months ago
• coleak2021 / vehsyscall
  vehsyscall:a syscall project that may bypass EDR
  ☆52Updated 10 months ago
• qwqdanchun / ScreenShot-BOF
  ☆39Updated last year
• aleenzz / ChromeExtensionInstall
  Silently Install Chrome Extension For Persistence
  ☆48Updated 6 months ago
• P0x00 / ASPX_Bonanza
  ASPX ShellCode Loader
  ☆51Updated last year
• parzel / GoSleepyCrypt
  In-memory sleep encryption and heap encryption for Go applications through a shellcode function.
  ☆39Updated last year
• v1k1ngfr / fuegoshell
  Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445
  ☆41Updated 9 months ago
• wabzsy / gonut
  Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
  ☆41Updated last year
• bobby-tablez / VBScrambler
  A Python-based VBScript Code Obfuscator
  ☆31Updated 8 months ago
• m1ddl3w4r3 / ExecRemoteNET
  Execute Remote Assembly with args passing and with AMSI and ETW patching .
  ☆32Updated last year