KooroshRZ / EvaderLinks
Packer (actually a crypter) for antivirus evasion implemented for windows PE files (BSc-Thesis)
☆104Updated 5 years ago
Alternatives and similar repositories for Evader
Users that are interested in Evader are comparing it to the libraries listed below
Sorting:
- NINA: No Injection, No Allocation x64 Process Injection Technique☆225Updated 5 years ago
- A more stealthy variant of "DLL hollowing"☆350Updated last year
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆65Updated 7 years ago
- Manual DLL Injector using Thread Hijacking.☆238Updated 7 years ago
- A tool for injecting 64-bit executables into legitimate processes. Users can specify a local file or download one from a URL, with all op…☆204Updated 8 months ago
- A Simple AES Command Line Crypter☆36Updated 2 years ago
- An obfuscation tool for Windows which instruments the Windows Loader into acting as an unpacking engine.☆306Updated 6 years ago
- A kernel rootkit with remote command and control interface for windows☆109Updated 7 years ago
- Various Process Injection Techniques☆148Updated 3 years ago
- Executes 64bit code from a 32bit process☆232Updated 7 years ago
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆179Updated 2 months ago
- A kernel-mode rootkit with remote control☆216Updated 4 years ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆71Updated 4 years ago
- A PoC designed to bypass all usermode hooks in a WoW64 environment.☆150Updated 4 years ago
- Code that allows running another windows PE in the same address space as the host process.☆448Updated 8 years ago
- Executing a .NET Assembly from C++ in Memory (CLR Hosting)☆196Updated 8 years ago
- x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code☆204Updated 4 years ago
- Research on Anti-malware and other related security solutions☆259Updated 4 years ago
- Packer compressing .net assemblies, (ab)using the PE format for data storage☆174Updated 2 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆336Updated 2 years ago
- Yet another variant of Process Hollowing☆400Updated 5 months ago
- Set of antianalysis techniques found in malware☆132Updated last year
- 🗜️ A packer for Windows x86 executable files written in C and Intel x86 Assembly. The new file after packing can obstruct reverse engine…☆344Updated 8 months ago
- Cryline project - It's a simple test ransomware for Windows OS without stable encryption. Pls use this source code for study purposes on…☆56Updated last month
- Process Hollowing for 32 bit and 64 bit☆79Updated 7 years ago
- PoC designed to evade userland-hooking anti-virus.☆88Updated 6 years ago
- Exploit MsIo vulnerable driver☆106Updated 3 years ago
- Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.☆153Updated 2 years ago