Maldev-Academy / Christmas
☆254Updated last year
Alternatives and similar repositories for Christmas:
Users that are interested in Christmas are comparing it to the libraries listed below
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆181Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆255Updated 9 months ago
- Use hardware breakpoint to dynamically change SSN in run-time☆245Updated 11 months ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆277Updated 9 months ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆421Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆319Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 9 months ago
- EDRSandblast-GodFault☆257Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆365Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆347Updated 3 months ago
- Exploitation of process killer drivers☆197Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆202Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆335Updated last month
- Remote Shellcode Injector☆212Updated last year
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆390Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆287Updated last year
- ☆253Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆308Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆292Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆303Updated 11 months ago
- Shaco is a linux agent for havoc☆156Updated last year
- Stealthily inject shellcode into an executable☆155Updated 3 weeks ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆366Updated last year
- This repository implements Threadless Injection in C☆161Updated last year
- Kill AV/EDR leveraging BYOVD attack☆343Updated last year
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆111Updated last month
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆257Updated 6 months ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆289Updated last year
- Sleep obfuscation☆210Updated 3 months ago