This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
☆50May 8, 2024Updated last year
Alternatives and similar repositories for DV_NEW
Users that are interested in DV_NEW are comparing it to the libraries listed below
Sorting:
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆28Sep 18, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- Automatically deploy Nemesis☆21Jun 14, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- string encryption in Nim☆19Jun 15, 2024Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆290May 27, 2024Updated last year
- ☆17May 22, 2024Updated last year
- Direct syscalls Injection to bypass AV/EDR☆11May 18, 2024Updated last year
- BOF with Synthetic Stackframe☆233Oct 30, 2025Updated 4 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- ☆38Oct 16, 2025Updated 5 months ago
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆93May 24, 2025Updated 9 months ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆26Jul 26, 2024Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆164Jan 4, 2024Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆286Jun 8, 2023Updated 2 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 3 years ago
- ☆29May 10, 2024Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆95Apr 27, 2025Updated 10 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆140May 22, 2025Updated 10 months ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆139Oct 1, 2022Updated 3 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated 2 years ago
- Hide code from dnSpy and other C# spying tools☆42Oct 18, 2020Updated 5 years ago
- Stage 0☆169Dec 18, 2024Updated last year
- Native Syscalls Shellcode Injector☆267Jul 2, 2023Updated 2 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- Use hardware breakpoint to dynamically change SSN in run-time☆280Apr 10, 2024Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆787Jan 26, 2026Updated last month
- Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap☆246Aug 2, 2023Updated 2 years ago