Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
β847Dec 10, 2025Updated 3 months ago
Alternatives and similar repositories for GoDefender
Users that are interested in GoDefender are comparing it to the libraries listed below
Sorting:
- 𦫠| GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specificβ¦β661Apr 27, 2025Updated 10 months ago
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.β15Apr 21, 2025Updated 10 months ago
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.β11Apr 21, 2025Updated 10 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driverβ294Apr 21, 2025Updated 10 months ago
- π Open source stealer written in Go, all logs will be sent to Telegram bot.β138Apr 27, 2025Updated 10 months ago
- Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a Wβ¦β10Apr 21, 2025Updated 10 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR β¦β301Jul 31, 2024Updated last year
- Ransomware written in go, encrypt - decrypt.β30Apr 27, 2025Updated 10 months ago
- GolangStyle, best looking go library.β13Apr 21, 2025Updated 10 months ago
- Because AV evasion should be easy.β862Nov 28, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β195Feb 6, 2025Updated last year
- β410Dec 8, 2024Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.β267Feb 22, 2025Updated last year
- .NET assembly loader with patchless AMSI and ETW bypassβ374Apr 19, 2023Updated 2 years ago
- π | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rubyβ10Apr 21, 2025Updated 10 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetryβ460Aug 2, 2024Updated last year
- Sleep obfuscationβ270Dec 13, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.β250Jun 11, 2024Updated last year
- Shellcode loader generator with multiples featuresβ508Dec 31, 2024Updated last year
- Nameless C2 - A C2 with all its components written in Rustβ284Sep 26, 2024Updated last year
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.β51May 22, 2025Updated 9 months ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders impβ¦β343Oct 7, 2024Updated last year
- Real fucking shellcode encryptor & obfuscator toolβ1,012Jan 7, 2026Updated 2 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-buiβ¦β234Feb 12, 2025Updated last year
- Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package.β79Apr 27, 2025Updated 10 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird β¦β787Jan 26, 2026Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β618Jan 2, 2025Updated last year
- ROP-based sleep obfuscation to evade memory scannersβ379Jun 22, 2025Updated 8 months ago
- Process injection alternativeβ407Sep 6, 2024Updated last year
- Dump cookies and credentials directly from Chrome/Edge process memoryβ1,417Jan 19, 2026Updated 2 months ago
- A malicous Golang Packageβ15Apr 21, 2025Updated 10 months ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layerβ542Feb 13, 2024Updated 2 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijacβ¦β271Oct 31, 2024Updated last year
- β126Sep 1, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phanβ¦β283Sep 18, 2024Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)β262Jun 29, 2024Updated last year
- remote process injections using pool party techniquesβ70Jun 29, 2025Updated 8 months ago
- A BOF that runs unmanaged PEs inlineβ683Oct 23, 2024Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scansβ407Sep 12, 2023Updated 2 years ago