PaulNorman01 / Forensia
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
☆725Updated last year
Related projects: ⓘ
- Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.☆709Updated 2 months ago
- Little user-mode AV/EDR evasion lab for training & learning purposes☆976Updated 4 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,137Updated 11 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,066Updated 2 months ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆905Updated last year
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆628Updated 4 months ago
- ☆653Updated 5 months ago
- PowerShell Ransomware Simulator with C2 Server☆456Updated 8 months ago
- Awesome EDR Bypass Resources For Ethical Hacking☆887Updated 3 weeks ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆843Updated 3 months ago
- A light-weight first-stage C2 implant written in Nim.☆780Updated last month
- A centralized and enhanced memory analysis platform☆355Updated 2 weeks ago
- ☆426Updated this week
- Simulate the behavior of AV/EDR for malware development training.☆443Updated 7 months ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆608Updated 8 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools☆912Updated 9 months ago
- Sandman is a NTP based backdoor for red team engagements in hardened networks.☆766Updated 5 months ago
- Dump cookies and credentials directly from Chrome/Edge process memory☆902Updated last week
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆695Updated last year
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆485Updated last month
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,113Updated 10 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆468Updated last month
- ☆463Updated 2 years ago
- Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022☆403Updated 2 months ago
- Real fucking shellcode encryptor & obfuscator tool☆630Updated 4 months ago
- A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compil…☆790Updated 2 months ago
- A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec☆857Updated this week
- An offensive data enrichment pipeline☆595Updated 3 weeks ago
- Windows Local Privilege Escalation Cookbook☆919Updated 5 months ago