Alternatives and similar repositories for DefenseEvasionTechniques

Users that are interested in DefenseEvasionTechniques are comparing it to the libraries listed below

• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆164Updated 9 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆188Updated 5 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆233Updated 9 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆164Updated last year
• S3N4T0R-0X0 / Hunter
  Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…
  ☆87Updated 4 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆172Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆193Updated last year
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆115Updated 3 weeks ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆255Updated 5 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆153Updated last year
• CyberSecurityUP / Offensive-Windows-Drivers-Development
  ☆161Updated 6 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆155Updated last month
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆137Updated 4 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆180Updated last year
• 0xJs / BYOVD_read_write_primitive
  Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
  ☆176Updated 3 weeks ago
• Maldev-Academy / Christmas
  ☆260Updated last year
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆207Updated 8 months ago
• lem0nSec / KBlast
  Offensive Windows Kernel Toolset
  ☆131Updated 2 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆157Updated 9 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆47Updated last year
• captain-woof / malware-study
  My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…
  ☆88Updated 3 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆52Updated last year
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆194Updated 2 years ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆208Updated last year
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆192Updated 9 months ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆235Updated last year
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆228Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated last year
• deepinstinct / ShimMe
  ☆146Updated 10 months ago
• RWXstoned / LdrShuffle
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆172Updated 3 months ago