PowerShell Obfuscation and Data Science
☆180 · May 4, 2022 · Updated 3 years ago
Alternatives and similar repositories for Invoke-Evasion
Users that are interested in Invoke-Evasion are comparing it to the libraries listed below
- Hookers are cooler than patches. ☆170 · Jan 21, 2022 · Updated 4 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes ☆108 · Mar 8, 2023 · Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2 ☆186 · Jul 21, 2022 · Updated 3 years ago
- POC for frustrating/defeating Malware Analysts ☆156 · Jun 12, 2022 · Updated 3 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads ☆384 · Apr 16, 2022 · Updated 3 years ago
- ☆413 · Dec 14, 2023 · Updated 2 years ago
- Dangling COM Keys Finder ☆17 · Nov 16, 2021 · Updated 4 years ago
- ☆540 · Nov 20, 2021 · Updated 4 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR. ☆125 · Apr 9, 2022 · Updated 3 years ago
- Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa… ☆1,051 · Oct 14, 2025 · Updated 4 months ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… ☆675 · Dec 23, 2022 · Updated 3 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG ☆313 · Sep 16, 2021 · Updated 4 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u… ☆54 · Apr 10, 2022 · Updated 3 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by … ☆744 · Aug 18, 2023 · Updated 2 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,370 · Oct 27, 2023 · Updated 2 years ago
- The Token Stealer ☆512 · Jul 13, 2022 · Updated 3 years ago
- Nim-based assembly packer and shellcode loader for opsec & profit ☆488 · Feb 24, 2023 · Updated 3 years ago
- Beacon Object File Loader ☆293 · Dec 3, 2023 · Updated 2 years ago
- Remove API hooks from a Beacon process. ☆282 · Sep 18, 2021 · Updated 4 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob… ☆483 · Oct 14, 2022 · Updated 3 years ago
- .net config loader ☆348 · Nov 9, 2023 · Updated 2 years ago
- Your syscall factory ☆126 · Jan 13, 2026 · Updated last month
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default… ☆1,631 · Aug 6, 2022 · Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender ☆236 · Apr 12, 2022 · Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS ☆187 · Jun 22, 2022 · Updated 3 years ago
- ☆208 · Feb 24, 2022 · Updated 4 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 · Nov 24, 2022 · Updated 3 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form… ☆1,100 · Jun 10, 2024 · Updated last year
- Lifetime AMSI bypass ☆672 · Sep 26, 2023 · Updated 2 years ago
- Inject .NET assemblies into an existing process ☆508 · Jan 19, 2022 · Updated 4 years ago
- A centralized resource for previously documented WDAC bypass techniques ☆610 · Sep 8, 2025 · Updated 5 months ago
- A Nim implementation of reflective PE-Loading from memory ☆300 · Sep 5, 2024 · Updated last year
- Hunting for passwords with deep learning ☆235 · May 10, 2024 · Updated last year
- Patch AMSI and ETW ☆249 · May 8, 2024 · Updated last year
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique ☆337 · Jan 16, 2022 · Updated 4 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn ☆129 · May 9, 2021 · Updated 4 years ago
- ☆145 · Oct 31, 2023 · Updated 2 years ago
- ErebusGate for Nim Bypass AV/EDR ☆162 · Nov 7, 2022 · Updated 3 years ago
- KaynLdr is a Reflective Loader written in C/ASM ☆555 · Dec 3, 2023 · Updated 2 years ago