Idov31 / VenomLinks
Venom is a library that meant to perform evasive communication using stolen browser socket
☆387Updated last year
Alternatives and similar repositories for Venom
Users that are interested in Venom are comparing it to the libraries listed below
Sorting:
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆597Updated last year
- Various ways to execute shellcode☆494Updated last year
- collection of apis used in malware development☆226Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆652Updated 2 years ago
- ☆489Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆526Updated 3 years ago
- Performing Indirect Clean Syscalls☆572Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆381Updated last year
- Lifetime AMSI bypass☆637Updated last year
- Analyse your malware to surgically obfuscate it☆485Updated 2 months ago
- PoC Implementation of a fully dynamic call stack spoofer☆809Updated last year
- UAC bypass by abusing RPC and debug objects.☆621Updated last year
- Threadless Process Injection through entry point hijacking☆347Updated 11 months ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆310Updated 11 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆483Updated last year
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆338Updated 3 years ago
- Apply a divide and conquer approach to bypass EDRs☆280Updated last year
- ☆359Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆299Updated 2 years ago
- Leaked Windows processes handles identification tool☆288Updated 3 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆494Updated 2 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆470Updated 3 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆233Updated last year
- KaynLdr is a Reflective Loader written in C/ASM☆541Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆707Updated 4 months ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.☆250Updated 9 months ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆457Updated 3 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆366Updated 3 years ago
- Tools and PoCs for Windows syscall investigation.☆361Updated 2 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆353Updated 6 months ago