𦫠| GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
β659Apr 27, 2025Updated 10 months ago
Alternatives and similar repositories for GoRedOps
Users that are interested in GoRedOps are comparing it to the libraries listed below
Sorting:
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driverβ294Apr 21, 2025Updated 10 months ago
- Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONβ¦β840Dec 10, 2025Updated 2 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Frameworkβ638May 8, 2025Updated 9 months ago
- Golang weaponization for red teamers.β516Jan 17, 2024Updated 2 years ago
- Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages.β61Apr 27, 2025Updated 10 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR β¦β297Jul 31, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.β433Dec 21, 2023Updated 2 years ago
- Dump cookies and credentials directly from Chrome/Edge process memoryβ1,408Jan 19, 2026Updated last month
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird β¦β776Jan 26, 2026Updated last month
- RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rustβ1,834Dec 29, 2025Updated last month
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!β537May 9, 2025Updated 9 months ago
- A BOF that runs unmanaged PEs inlineβ680Oct 23, 2024Updated last year
- Tool to remotely dump secrets from the Windows registryβ522Nov 18, 2025Updated 3 months ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layerβ539Feb 13, 2024Updated 2 years ago
- βοΈπ€« Stealth redirector for your red team operation securityβ1,066Jul 6, 2025Updated 7 months ago
- Because AV evasion should be easy.β859Nov 28, 2024Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.β266Feb 22, 2025Updated last year
- Windows remote execution multitoolβ781Oct 1, 2025Updated 4 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).β586Mar 19, 2024Updated last year
- Shellcode loader generator with multiples featuresβ506Dec 31, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetryβ458Aug 2, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.β325Apr 12, 2024Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-buiβ¦β232Feb 12, 2025Updated last year
- A modern 32/64-bit position independent implant templateβ1,293Mar 21, 2025Updated 11 months ago
- A command and control framework written in rust.β384Sep 4, 2025Updated 5 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs�β607Feb 21, 2024Updated 2 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phanβ¦β281Sep 18, 2024Updated last year
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.β1,201Apr 16, 2025Updated 10 months ago
- HVNC for Cobalt Strikeβ1,298Dec 7, 2023Updated 2 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactionsβ346Nov 19, 2024Updated last year
- Real fucking shellcode encryptor & obfuscator toolβ1,012Jan 7, 2026Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β614Jan 2, 2025Updated last year
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios.β762Jan 26, 2025Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and rβ¦β382Apr 26, 2025Updated 10 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β195Feb 6, 2025Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadiβ¦β400Sep 26, 2024Updated last year
- Tools for analyzing EDR agentsβ277Jun 10, 2024Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfveβ¦β592Jun 12, 2024Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strikeβ672Aug 15, 2025Updated 6 months ago