Idov31 / VenomLinks
Venom is a library that meant to perform evasive communication using stolen browser socket
☆394Updated 2 years ago
Alternatives and similar repositories for Venom
Users that are interested in Venom are comparing it to the libraries listed below
Sorting:
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆615Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆390Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆668Updated 2 years ago
- ☆496Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆536Updated 3 years ago
- collection of apis used in malware development☆231Updated 3 years ago
- Threadless Process Injection through entry point hijacking☆349Updated last year
- Performing Indirect Clean Syscalls☆594Updated 2 years ago
- UAC bypass by abusing RPC and debug objects.☆628Updated 2 years ago
- Various ways to execute shellcode☆508Updated last year
- Lifetime AMSI bypass☆664Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆501Updated 2 years ago
- Leaked Windows processes handles identification tool☆290Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Updated 2 years ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆314Updated 3 weeks ago
- Manipulating and Abusing Windows Access Tokens.☆287Updated 4 years ago
- Analyse your malware to surgically obfuscate it☆511Updated this week
- Apply a divide and conquer approach to bypass EDRs☆287Updated 2 years ago
- Tools and PoCs for Windows syscall investigation.☆367Updated 2 weeks ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆337Updated last year
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆458Updated 4 years ago
- ☆374Updated 2 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆234Updated last year
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆372Updated 3 years ago
- ☆601Updated 5 months ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆495Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆490Updated 3 years ago
- Dump the memory of any PPL with a Userland exploit chain☆348Updated 2 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆556Updated 2 years ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆234Updated last year