EvilBytecode / RubyRedOpsLinks
π | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby
β10Updated 6 months ago
Alternatives and similar repositories for RubyRedOps
Users that are interested in RubyRedOps are comparing it to the libraries listed below
Sorting:
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.β47Updated 5 months ago
- Good CLR Host with Native patchless AMSI Bypassβ96Updated 7 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dllβ132Updated 7 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsassβ161Updated last month
- A fucking real shellcode loader with a GUI. Work-in-Progress.β80Updated 4 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, pβ¦β166Updated this week
- Dumping App Bound Protected Credentials & Cookies Without Privileges.β99Updated 5 months ago
- BOF with Synthetic Stackframeβ182Updated 2 weeks ago
- Threadless shellcode injection toolβ67Updated last year
- A Mythic agent for Windows written in Cβ140Updated this week
- Robust Cobalt Strike shellcode loader with multiple advanced evasion featuresβ188Updated 6 months ago
- Indirect Syscall with TartarusGate Approach in Goβ132Updated 4 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooksβ129Updated 10 months ago
- Generate an Alphabetical Polymorphic Shellcodeβ130Updated 3 months ago
- A mutliple tactics to execute shellcode in go :}β23Updated 6 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β195Updated 9 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpointsβ116Updated 4 months ago
- Early Bird Cryo Injections β APC-based DLL & Shellcode Injection via Pre-Frozen Job Objectsβ121Updated 7 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.β87Updated 6 months ago
- Bypass LSA protection using the BYODLL techniqueβ169Updated last year
- β137Updated last week
- γβ οΈγPerforming a BYOVD on the truesight.sys driverβ44Updated 11 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBufβ¦β61Updated 6 months ago
- β120Updated 9 months ago
- Shellcode loaderβ94Updated 11 months ago
- Sleep obfuscationβ248Updated 11 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β98Updated last year
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strikeβ171Updated 3 weeks ago
- Cobaltstrike Reflective Loader with Synthetic Stackframeβ140Updated 9 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniquesβ83Updated 2 months ago