Idov31 / FunctionStomping

Related projects: ⓘ

• aaaddress1 / PR0CESS
  some gadgets about windows process and ready to use :)
  ☆570Updated 11 months ago
• Cerbersec / Ares
  Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
  ☆324Updated 2 years ago
• mgeeky / ShellcodeFluctuation
  An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…
  ☆913Updated 2 years ago
• hasherezade / transacted_hollowing
  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
  ☆516Updated 6 months ago
• mgeeky / ThreadStackSpoofer
  Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation fr…
  ☆1,020Updated 2 years ago
• hlldz / RefleXXion
  RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …
  ☆478Updated 2 years ago
• Cracked5pider / Stardust
  A modern 64-bit position independent implant template
  ☆999Updated 4 months ago
• Idov31 / Cronos
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆551Updated 11 months ago
• D1rkMtr / FilelessRemotePE
  ☆702Updated this week
• frkngksl / Huan
  Encrypted PE Loader Generator
  ☆533Updated 3 years ago
• KaLendsi / CVE-2022-21882
  win32k LPE
  ☆457Updated 2 years ago
• rad9800 / TamperingSyscalls
  ☆451Updated 2 years ago
• NUL0x4C / AtomPePacker
  A Highly capable Pe Packer
  ☆676Updated last year
• optiv / Mangle
  Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
  ☆1,154Updated last year
• monoxgas / Koppeling
  Adaptive DLL hijacking / dynamic export forwarding
  ☆720Updated 4 years ago
• boku7 / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,241Updated 9 months ago
• thefLink / RecycledGate
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆439Updated 2 years ago
• NUL0x4C / TerraLdr
  A Payload Loader Designed With Advanced Evasion Features
  ☆494Updated last year
• mgeeky / ProtectMyTooling
  Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…
  ☆856Updated 11 months ago
• am0nsec / HellsGate
  Original C Implementation of the Hell's Gate VX Technique
  ☆934Updated 3 years ago
• RedTeamOperations / Advanced-Process-Injection-Workshop
  ☆718Updated 11 months ago
• Tylous / ZipExec
  A unique technique to execute binaries from a password protected zip
  ☆1,000Updated 2 years ago
• Idov31 / Venom
  Venom is a library that meant to perform evasive communication using stolen browser socket
  ☆369Updated 11 months ago
• Kudaes / Elevator
  UAC bypass by abusing RPC and debug objects.
  ☆598Updated 11 months ago
• jfmaes / LazySign
  Create fake certs for binaries using windows binaries and the power of bat files
  ☆542Updated 5 months ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆612Updated last year
• klezVirus / inceptor
  Template-Driven AV/EDR Evasion Framework
  ☆1,575Updated 10 months ago
• winterknife / PINKPANTHER
  Windows x64 handcrafted token stealing kernel-mode shellcode
  ☆502Updated 5 months ago
• optiv / Ivy
  Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …
  ☆734Updated last year
• xuanxuan0 / DripLoader
  Evasive shellcode loader for bypassing event-based injection detection (PoC)
  ☆701Updated 3 years ago