EvilBytecode / RubyRedOps
RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby
☆10 Updated last month
Alternatives and similar repositories for RubyRedOps
Users that are interested in RubyRedOps are comparing it to the libraries listed below
- Unhook Ntdll.dll, Go & C++. ☆22 Updated last month
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function. ☆17 Updated last month
- converts sRDI compatible dlls to shellcode ☆29 Updated 4 months ago
- Proxy function calls through the thread pool with ease ☆28 Updated 3 months ago
- Section-based payload obfuscation technique for x64 ☆59 Updated 9 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆31 Updated 2 weeks ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆24 Updated 8 months ago
- Cobalt Strike UDRL for memory scanner evasion. ☆51 Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆48 Updated 3 weeks ago
- Threadless shellcode injection tool ☆64 Updated 10 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆41 Updated 2 years ago
- Shellcode Loader Utilizing ETW Events ☆63 Updated 3 months ago
- ATL.dll and WmiMgmt.msc UAC Bypass ☆12 Updated last month
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne… ☆18 Updated 3 weeks ago
- Cortex EDR Ransomware protection Bypass ☆24 Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆28 Updated 4 months ago
- Classic Process Injection with Memory Evasion Techniques implementation ☆70 Updated last year
- Rewrite to fit my needs ☆28 Updated 10 months ago
- Rust template/library for implementing your own COFF loader ☆50 Updated 4 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆73 Updated 9 months ago
- Windows C++ Implant for Exploration C2 ☆31 Updated last week
- Ransomware written in go, encrypt - decrypt. ☆22 Updated last month
- ☆40 Updated this week
- ☆55 Updated 7 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE. ☆61 Updated last year
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion ☆82 Updated last month
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly ☆60 Updated last year
- ☆52 Updated 5 months ago
- A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique. ☆42 Updated 3 weeks ago