Idov31 / VenomLinks
Venom is a library that meant to perform evasive communication using stolen browser socket
☆396Updated 2 years ago
Alternatives and similar repositories for Venom
Users that are interested in Venom are comparing it to the libraries listed below
Sorting:
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆619Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Updated 3 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆389Updated last year
- ☆501Updated 3 years ago
- Various ways to execute shellcode☆508Updated last year
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Updated 3 years ago
- Performing Indirect Clean Syscalls☆599Updated 2 years ago
- Lifetime AMSI bypass☆669Updated 2 years ago
- Apply a divide and conquer approach to bypass EDRs☆288Updated 2 years ago
- Analyse your malware to surgically obfuscate it☆517Updated last month
- collection of apis used in malware development☆230Updated 3 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆501Updated 2 years ago
- Threadless Process Injection through entry point hijacking☆351Updated last year
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆314Updated 2 months ago
- UAC bypass by abusing RPC and debug objects.☆629Updated 2 years ago
- The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.☆318Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1)☆379Updated 2 years ago
- Leaked Windows processes handles identification tool☆290Updated 3 years ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆282Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆755Updated last week
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆373Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆496Updated 4 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆555Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆336Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Updated 2 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆497Updated 3 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆363Updated 3 years ago
- A windows token impersonation tool☆320Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆329Updated last year
- A tool to find folders excluded from AV real-time scanning using a time oracle☆234Updated last year