A guide to learning antivirus evasion
☆64 · Mar 28, 2025 · Updated 11 months ago
Alternatives and similar repositories for DefenderBypass
Users that are interested in DefenderBypass are comparing it to the libraries listed below.
- ☆53 · Jul 8, 2025 · Updated 8 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats. ☆34 · Aug 18, 2025 · Updated 7 months ago
- Utilities for obfuscating shellcode ☆102 · Mar 4, 2026 · Updated 3 weeks ago
- P2P Communications of Named Pipes ☆12 · Dec 11, 2025 · Updated 3 months ago
- Cheatsheets ☆19 · Jul 4, 2022 · Updated 3 years ago
- ☆11 · Dec 8, 2023 · Updated 2 years ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779) ☆45 · Nov 19, 2025 · Updated 4 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to … ☆37 · Oct 1, 2025 · Updated 5 months ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc… ☆15 · Mar 18, 2022 · Updated 4 years ago
- Generate an Alphabetical Polymorphic Shellcode ☆137 · Aug 19, 2025 · Updated 7 months ago
- Umbrella will protect your shellcode from the rain. ☆31 · Jun 4, 2025 · Updated 9 months ago
- Injecting DLL into LSASS at boot ☆156 · Apr 29, 2025 · Updated 10 months ago
- ☆39 · May 4, 2025 · Updated 10 months ago
- Kernel-mode DLL Injector ☆130 · Apr 24, 2025 · Updated 11 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA … ☆167 · Nov 2, 2025 · Updated 4 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to… ☆45 · Jun 1, 2025 · Updated 9 months ago
- ☆23 · Jun 9, 2024 · Updated last year
- Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933) ☆10 · Oct 18, 2018 · Updated 7 years ago
- Zeroscan is a Domain Controller vulnerability scanner, that currently includes checks for Zerologon (CVE-2020-1472), MS-PAR/MS-RPRN and S… ☆11 · Apr 9, 2022 · Updated 3 years ago
- RACF Database Parser ☆12 · Apr 4, 2024 · Updated last year
- ☆59 · Nov 13, 2024 · Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll ☆151 · Apr 18, 2025 · Updated 11 months ago
- A Windows kernel driver to block symbolic link exploit used for privilege escalation. ☆15 · Jul 30, 2020 · Updated 5 years ago
- ☆11 · Sep 8, 2017 · Updated 8 years ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA… ☆358 · Mar 17, 2026 · Updated last week
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆283 · Apr 6, 2025 · Updated 11 months ago
- Active Directory certificate abuse ☆43 · Oct 9, 2022 · Updated 3 years ago
- Modern PIC implant for Windows (64 & 32 bit) ☆106 · Jul 23, 2025 · Updated 8 months ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise ☆129 · Dec 2, 2023 · Updated 2 years ago
- Block Windows Defender by deny ACL ☆88 · Jan 12, 2026 · Updated 2 months ago
- CVE-2023-28432 POC ☆14 · Mar 24, 2023 · Updated 3 years ago
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments. ☆176 · Dec 19, 2025 · Updated 3 months ago
- Mythic C2 wrapper for NimSyscallPacker ☆25 · Mar 12, 2025 · Updated last year
- This tool generates an undetectable Windows reverse shell PowerShell script. Users can configure IP and Port according to their requireme… ☆20 · Jul 16, 2024 · Updated last year
- Windows rootkit designed to work with BYOVD exploits ☆217 · Jan 18, 2025 · Updated last year
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen… ☆13 · May 11, 2023 · Updated 2 years ago
- Tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joined devices with it ☆136 · Aug 23, 2025 · Updated 7 months ago
- Single-threaded event driven sleep obfuscation PoC for Linux ☆38 · Jun 14, 2025 · Updated 9 months ago
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling. ☆51 · Oct 19, 2025 · Updated 5 months ago