Alternatives and similar repositories for DefenseEvasionTechniques:

Users that are interested in DefenseEvasionTechniques are comparing it to the libraries listed below

• Maldev-Academy / Christmas
  ☆254Updated last year
• ZERODETECTION / MSC_Dropper
  ☆144Updated 7 months ago
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆155Updated 3 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆181Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆210Updated 3 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆157Updated 9 months ago
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆89Updated last month
• dobin / SuperMega
  Stealthily inject shellcode into an executable
  ☆155Updated 3 weeks ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆182Updated 3 months ago
• cybersectroll / TrollAMSI
  ☆170Updated 4 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆161Updated last year
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆195Updated 9 months ago
• souzomain / Shaco
  Shaco is a linux agent for havoc
  ☆156Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆151Updated 10 months ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆232Updated 3 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆138Updated last week
• icyguider / LatLoader
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆289Updated last year
• decoder-it / TokenStealer
  ☆165Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆147Updated last week
• Faisal-P27 / WAREED-DNS-C2
  ☆114Updated 11 months ago
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆257Updated last year
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆228Updated 8 months ago
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆245Updated 11 months ago
• deepinstinct / ShimMe
  ☆136Updated 4 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆149Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated 9 months ago
• rasta-mouse / process-inject-kit
  Port of Cobalt Strike's Process Inject Kit
  ☆171Updated 3 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆262Updated 5 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆199Updated 6 months ago