Shellcode obfuscation tool to avoid AV/EDR.
☆130Sep 1, 2023Updated 2 years ago
Alternatives and similar repositories for espio
Users that are interested in espio are comparing it to the libraries listed below
Sorting:
- Shellcode loader with evasion capabilities written in Nim☆15Jan 25, 2025Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- UAC bypass for x64 Windows 7 - 11(无弹窗版)☆281Sep 5, 2022Updated 3 years ago
- Some demos to bypass EDRs or AVs by 78itsT3@m☆360Jul 6, 2022Updated 3 years ago
- Terminate AV/EDR leveraging BYOVD attack☆104Mar 21, 2025Updated 11 months ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Sleep Obfuscation☆817Dec 3, 2023Updated 2 years ago
- UAC bypass by abusing RPC and debug objects.☆627Oct 19, 2023Updated 2 years ago
- A Nim implementation of reflective PE-Loading from memory☆300Sep 5, 2024Updated last year
- ☆13Apr 1, 2017Updated 8 years ago
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆556Jan 18, 2022Updated 4 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Sep 6, 2021Updated 4 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting…☆1,092Jun 17, 2022Updated 3 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 2 years ago
- Shellcode antivirus evasion framework☆27Jan 16, 2021Updated 5 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆214Oct 9, 2022Updated 3 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆370Apr 19, 2023Updated 2 years ago
- PE loader with various shellcode injection techniques☆449Oct 17, 2022Updated 3 years ago
- UAC_wenpon☆49Nov 25, 2021Updated 4 years ago
- TartarusGate, Bypassing EDRs☆653Jan 25, 2022Updated 4 years ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,594Jul 31, 2024Updated last year
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.��☆281Feb 24, 2025Updated last year
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆242Jan 4, 2023Updated 3 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆294Apr 21, 2025Updated 10 months ago
- Three different shellcode techniques on the Windows Kernel☆15Apr 8, 2025Updated 10 months ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- The best way to send emails in Go.☆12Feb 4, 2021Updated 5 years ago
- 自研的linux_c2☆13Jun 28, 2023Updated 2 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆541Feb 13, 2024Updated 2 years ago
- CVE-2020-1472 C++☆84Sep 2, 2022Updated 3 years ago
- 创建隐藏计划任务,权限维持,Bypass AV☆558Sep 1, 2021Updated 4 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago