Octoberfest7/BeatRev

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Octoberfest7/BeatRev)

Octoberfest7 / BeatRev

POC for frustrating/defeating Malware Analysts

☆156

Alternatives and similar repositories for BeatRev

Users that are interested in BeatRev are comparing it to the libraries listed below

Sorting:

Octoberfest7 / KDStab
View on GitHub
BOF combination of KillDefender and Backstab
☆167Mar 23, 2023Updated 2 years ago
Octoberfest7 / Mutants_Sessions_Self-Deletion
View on GitHub
Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.
☆129Apr 24, 2022Updated 3 years ago
Octoberfest7 / XLL_Phishing
View on GitHub
XLL Phishing Tradecraft
☆439May 24, 2022Updated 3 years ago
Octoberfest7 / JumpSession_BOF
View on GitHub
Beacon Object File allowing creation of Beacons in different sessions.
☆83May 23, 2022Updated 3 years ago
Octoberfest7 / EventViewerUAC_BOF
View on GitHub
Beacon Object File implementation of Event Viewer deserialization UAC bypass
☆133May 6, 2022Updated 3 years ago
janoglezcampos / DeathSleep
View on GitHub
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…
☆536Aug 1, 2022Updated 3 years ago
pwn1sher / uuid-loader
View on GitHub
UUID based Shellcode loader for your favorite C2
☆86Dec 8, 2021Updated 4 years ago
Cerbersec / Ares
View on GitHub
Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
☆337Jan 16, 2022Updated 4 years ago
jfmaes / AmsiHooker
View on GitHub
Hookers are cooler than patches.
☆170Jan 21, 2022Updated 4 years ago
ZeroMemoryEx / SleepKiller
View on GitHub
Bypass Malware Time Delays
☆107Sep 23, 2022Updated 3 years ago
janoglezcampos / c_syscalls
View on GitHub
Single stub direct and indirect syscalling with runtime SSN resolving for windows.
☆140Sep 12, 2022Updated 3 years ago
Wra7h / SharpGhosting
View on GitHub
Process Ghosting in C#
☆219Jan 24, 2022Updated 4 years ago
boku7 / halosgate-ps
View on GitHub
Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes
☆108Mar 8, 2023Updated 2 years ago
sailay1996 / CdpSvcLPE
View on GitHub
Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
☆254Sep 15, 2022Updated 3 years ago
susMdT / SharpAgent
View on GitHub
C# havoc implant
☆100Feb 12, 2023Updated 3 years ago
Cerbersec / KillDefenderBOF
View on GitHub
Beacon Object File PoC implementation of KillDefender
☆236Apr 12, 2022Updated 3 years ago
zimnyaa / noWatch
View on GitHub
Implant drop-in for EDR testing
☆147Nov 15, 2023Updated 2 years ago
pwn1sher / WMEye
View on GitHub
WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
☆369Dec 24, 2021Updated 4 years ago
Kudaes / Elevator
View on GitHub
UAC bypass by abusing RPC and debug objects.
☆627Oct 19, 2023Updated 2 years ago
SolomonSklash / SleepyCrypt
View on GitHub
A shellcode function to encrypt a running process image when sleeping.
☆340Sep 11, 2021Updated 4 years ago
apokryptein / secinject
View on GitHub
Section Mapping Process Injection (secinject): Cobalt Strike BOF
☆102Jan 7, 2022Updated 4 years ago
Cracked5pider / CoffeeLdr
View on GitHub
Beacon Object File Loader
☆293Dec 3, 2023Updated 2 years ago
S4ntiagoP / freeBokuLoader
View on GitHub
A simple BOF that frees UDRLs
☆122May 29, 2022Updated 3 years ago
mgeeky / ElusiveMice
View on GitHub
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
☆482Jul 12, 2023Updated 2 years ago
xforcered / BOFMask
View on GitHub
☆129Jun 28, 2023Updated 2 years ago
waldo-irc / YouMayPasser
View on GitHub
You shall pass
☆270Jul 16, 2022Updated 3 years ago
alfarom256 / StinkyLoader
View on GitHub
It stinks
☆105Apr 22, 2022Updated 3 years ago
HavocFramework / Modules
View on GitHub
Modules used by the Havoc Framework
☆262Jun 17, 2024Updated last year
Octoberfest7 / Cohab_Processes
View on GitHub
A small Aggressor script to help Red Teams identify foreign processes on a host machine
☆84Jan 6, 2023Updated 3 years ago
deepinstinct / Dirty-Vanity
View on GitHub
A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
☆676Dec 23, 2022Updated 3 years ago
HackingLZ / ExtractedDefender
View on GitHub
Collection of extracted Microsoft Defender data for security research purposes
☆233Jun 23, 2022Updated 3 years ago
EspressoCake / DLL-Exports-Extraction-BOF
View on GitHub
DLL Exports Extraction BOF with optional NTFS transactions.
☆90Nov 5, 2021Updated 4 years ago
0xsp-SRD / callback_injection-Csharp
View on GitHub
this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…
☆88Jun 24, 2022Updated 3 years ago
VirtualAlllocEx / Create-Thread-Shellcode-Fetcher
View on GitHub
This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…
☆257May 25, 2023Updated 2 years ago
kyleavery / AceLdr
View on GitHub
Cobalt Strike UDRL for memory scanner evasion.
☆1,006Jun 4, 2024Updated last year
klezVirus / NimlineWhispers3
View on GitHub
A tool for converting SysWhispers3 syscalls for use with Nim projects
☆147Jun 2, 2022Updated 3 years ago
pwn1sher / frostbyte
View on GitHub
FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads
☆385Apr 16, 2022Updated 3 years ago
paranoidninja / Process-Instrumentation-Syscall-Hook
View on GitHub
A simple program to hook the current process to identify the manual syscall executions on windows
☆265Nov 18, 2022Updated 3 years ago
trustedsec / CS-Remote-OPs-BOF
View on GitHub
Remote operations commands implemented using Beacon Object Files
☆1,120Updated this week