This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
☆51May 8, 2024Updated last year
Alternatives and similar repositories for DV_NEW
Users that are interested in DV_NEW are comparing it to the libraries listed below
Sorting:
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33May 30, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆28Sep 18, 2024Updated last year
- Automatically deploy Nemesis☆21Jun 14, 2024Updated last year
- string encryption in Nim☆20Jun 15, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆289May 27, 2024Updated last year
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆91May 24, 2025Updated 9 months ago
- BOF with Synthetic Stackframe☆225Oct 30, 2025Updated 4 months ago
- Direct syscalls Injection to bypass AV/EDR☆12May 18, 2024Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆93Apr 27, 2025Updated 10 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆43May 18, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- ☆29May 10, 2024Updated last year
- ☆38Oct 16, 2025Updated 4 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- OneDrive, operating on Microsoft Windows 11 Pro is vulnerable to DLL hijacking.☆21Nov 9, 2023Updated 2 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Jan 21, 2024Updated 2 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 2 years ago
- Stage 0☆169Dec 18, 2024Updated last year
- ☆19Nov 28, 2024Updated last year
- Basic interactive Windows kernel offensive toolkit written in C☆137Sep 20, 2025Updated 5 months ago
- ☆100Sep 1, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆138May 22, 2025Updated 9 months ago
- ☆92May 15, 2024Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆104Mar 21, 2025Updated 11 months ago
- Rewrite to fit my needs☆32Jul 20, 2024Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆776Jan 26, 2026Updated last month
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago