Logan-Elliott / HollowGhostLinks
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
☆19Updated last year
Alternatives and similar repositories for HollowGhost
Users that are interested in HollowGhost are comparing it to the libraries listed below
Sorting:
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆66Updated last month
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 9 months ago
- ☆164Updated 10 months ago
- a port of privkit bof for havoc☆23Updated last year
- This repo is for the youtube video where we have explained how to make a detectable reverse shell undetectable by windows defender☆26Updated last year
- Malicious powershell scripts loader designed to avoid detection.☆51Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆153Updated last year
- Injecting DLL into LSASS at boot☆113Updated last month
- Do some DLL SideLoading magic☆83Updated last year
- The best powershell obfuscator ever made☆109Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆161Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 11 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆165Updated 2 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 11 months ago
- .bin file to shellcode convertor☆37Updated 11 months ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆26Updated 7 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆97Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆62Updated last year
- Shellcode loader☆81Updated 6 months ago
- A PoC for Early Cascade process injection technique.☆178Updated 4 months ago
- BOF with Synthetic Stackframe☆147Updated 3 months ago
- ☆124Updated last year
- My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…☆70Updated last month
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆178Updated last year
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆156Updated 2 months ago
- Ghosting-AMSI☆180Updated last month
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated last year
- Windows Thread Pool Injection Havoc Implementation☆30Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass in Rust☆49Updated 7 months ago
- Red Team Operation's Defense Evasion Technique.☆52Updated last year