Hackmosphere / DefenderBypass
A guide to learning antivirus evasion
☆36 Updated 2 months ago
Alternatives and similar repositories for DefenderBypass
Users that are interested in DefenderBypass are comparing it to the libraries listed below
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W… ☆153 Updated last year
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin… ☆98 Updated last week
- Execute commands interactively on remote Windows machines using the WinRM protocol ☆155 Updated last week
- Inject RDPThief into memory with PowerShell. ☆64 Updated 5 months ago
- A PoC for Early Cascade process injection technique. ☆182 Updated 4 months ago
- Stage 0 ☆161 Updated 6 months ago
- ☆89 Updated 5 months ago
- Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypass AV/EDR. ☆69 Updated 3 weeks ago
- Leverage WindowsApp createdump tool to obtain an lsass dump ☆150 Updated 9 months ago
- Ghosting-AMSI ☆196 Updated 2 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning ☆117 Updated 2 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement ☆173 Updated last month
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir… ☆149 Updated last year
- This is a way to load shellcode and obfuscate it so that it avoids scan-time detection. ☆69 Updated 2 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti… ☆201 Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker. ☆122 Updated 8 months ago
- C# AV/EDR Killer using less-known driver (BYOVD) ☆177 Updated last year
- C++ Reflective Assembly Loader ☆27 Updated 3 months ago
- TeamServer and Client of Exploration Command and Control Framework ☆131 Updated 3 weeks ago
- ☆137 Updated last month
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability ☆141 Updated 5 months ago
- Continuous password spraying tool ☆189 Updated 3 months ago
- ☆70 Updated 3 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone… ☆201 Updated 8 months ago
- ☆71 Updated last month
- A Mythic agent for Windows written in C ☆126 Updated 3 weeks ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and … ☆166 Updated 2 months ago
- A Python script to automatically list vulnerable Windows ACEs/ACLs. ☆57 Updated 3 weeks ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed to achieve stealth through API unhooking, direct and indirect syscalls… ☆75 Updated 2 months ago
- ☆84 Updated 4 months ago