EvilBytecode / RubyRedOpsLinks
π | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby
β10Updated 9 months ago
Alternatives and similar repositories for RubyRedOps
Users that are interested in RubyRedOps are comparing it to the libraries listed below
Sorting:
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsassβ164Updated 4 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooksβ136Updated last year
- BOF with Synthetic Stackframeβ212Updated 2 months ago
- Early Bird Cryo Injections β APC-based DLL & Shellcode Injection via Pre-Frozen Job Objectsβ135Updated 9 months ago
- Shellcode loaderβ100Updated last year
- γβ οΈγPerforming a BYOVD on the truesight.sys driverβ44Updated last year
- Generate an Alphabetical Polymorphic Shellcodeβ135Updated 5 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, pβ¦β193Updated 3 weeks ago
- Sleep obfuscationβ262Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β101Updated last year
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.β50Updated 8 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniquesβ88Updated 5 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpointsβ119Updated 6 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryptionβ183Updated last month
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dllβ135Updated 9 months ago
- A mutliple tactics to execute shellcode in go :}β23Updated 9 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.β90Updated 8 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible iβ¦β60Updated 9 months ago
- Dumping App Bound Protected Credentials & Cookies Without Privileges.β167Updated 7 months ago
- β142Updated 2 months ago
- A fucking real shellcode loader with a GUI. Work-in-Progress.β81Updated 6 months ago
- Indirect Syscall with TartarusGate Approach in Goβ133Updated 6 months ago
- A Mythic agent for Windows written in Cβ151Updated last week
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β195Updated 11 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack framesβ146Updated last month
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strikeβ180Updated 2 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion featuresβ198Updated 9 months ago
- Good CLR Host with Native patchless AMSI Bypassβ98Updated 9 months ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.β224Updated 4 months ago
- Threadless shellcode injection toolβ67Updated last year