Logan-Elliott / HollowGhostLinks
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
☆24Updated 2 years ago
Alternatives and similar repositories for HollowGhost
Users that are interested in HollowGhost are comparing it to the libraries listed below
Sorting:
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆90Updated 8 months ago
- Generate an Alphabetical Polymorphic Shellcode☆133Updated 4 months ago
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll☆24Updated 6 months ago
- Dynamic shellcode loader with sophisticated evasion capabilities☆271Updated 3 months ago
- Malicious powershell scripts loader designed to avoid detection.☆61Updated 2 years ago
- Good CLR Host with Native patchless AMSI Bypass☆97Updated 8 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆134Updated last year
- A PoC for Early Cascade process injection technique.☆204Updated 11 months ago
- .NET assembly loader with patchless AMSI and ETW bypass in Rust☆58Updated last year
- The best powershell obfuscator ever made☆120Updated 5 months ago
- BOF with Synthetic Stackframe☆206Updated 2 months ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆27Updated 3 months ago
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆27Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆101Updated last year
- EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.☆47Updated last month
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆137Updated 7 months ago
- Mockingjay process self injection POC☆43Updated 2 years ago
- Injecting DLL into LSASS at boot☆156Updated 8 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆184Updated 9 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆166Updated last year
- early cascade injection PoC based on Outflanks blog post☆234Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆200Updated 4 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆101Updated 8 months ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆196Updated last month
- Encode shellcode into dictionary words for evasion and entropy reduction☆38Updated 3 weeks ago
- Ransomware written in go, encrypt - decrypt.☆30Updated 8 months ago
- PandaCrypter is a C#-based tool designed to convert PowerShell scripts into obfuscated batch files (.bat) with encryption and additional …☆41Updated 4 months ago
- a port of privkit bof for havoc☆24Updated 2 years ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆44Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆202Updated 2 years ago