ProcessusT/Bypass-AV-DirectSyscalls external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ProcessusT/Bypass-AV-DirectSyscalls

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ProcessusT/Bypass-AV-DirectSyscalls)

Close

ProcessusT / Bypass-AV-DirectSyscallsView on GitHubMore

• External links
• Readme badge

Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.

☆30Oct 14, 2022Updated 3 years ago

Alternatives and similar repositories for Bypass-AV-DirectSyscalls

Users that are interested in Bypass-AV-DirectSyscalls are comparing it to the libraries listed below

• p4p1 / havoc-reporter

  View on GitHub
  A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.
  ☆14Oct 31, 2023Updated 2 years ago
• p4p1 / havoc-privkit

  View on GitHub
  a port of privkit bof for havoc
  ☆23Dec 8, 2023Updated 2 years ago
• Orange-Cyberdefense / EDRSnowblast

  View on GitHub
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆25Sep 29, 2023Updated 2 years ago
• WJDigby / hashms

  View on GitHub
  Periodically check hashcat cracking progress and notify of success.
  ☆10Dec 18, 2018Updated 7 years ago
• LazyTitan33 / DomainPasswordSpray

  View on GitHub
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…
  ☆13Jul 16, 2025Updated 7 months ago
• m7rick / Havoc-DLLHijack

  View on GitHub
  A tool to assist DLL hijacking via the Havoc GUI
  ☆12Jan 9, 2024Updated 2 years ago
• JayGLXR / RustySpy

  View on GitHub
  A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …
  ☆19Mar 6, 2025Updated 11 months ago
• mcorybillington / sshspray

  View on GitHub
  A multithreaded, queued SSH key and/or password spraying tool.
  ☆20Jan 5, 2023Updated 3 years ago
• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• CCob / SQL-BOF

  View on GitHub
  Library of BOFs to interact with SQL servers
  ☆16Dec 6, 2024Updated last year
• snovvcrash / KrbRelayUp

  View on GitHub
  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…
  ☆14Jul 29, 2022Updated 3 years ago
• S3cur3Th1sSh1t / nim-strenc

  View on GitHub
  string encryption in Nim
  ☆20Jun 15, 2024Updated last year
• ruuand / ruuand.github.io

  View on GitHub
  Wiki for stuff
  ☆38Aug 6, 2021Updated 4 years ago
• gtworek / SysvolExplorer

  View on GitHub
  Active Directory Group Policy analyzer
  ☆18Sep 20, 2019Updated 6 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated last year
• matro7sh / havoc-sharPersist

  View on GitHub
  ☆14Dec 5, 2024Updated last year
• Tylous / GraphRunner

  View on GitHub
  A Post-exploitation Toolset for Interacting with the Microsoft Graph API
  ☆15Nov 16, 2023Updated 2 years ago
• b4nbird / shellcode_entropy_less

  View on GitHub
  replace the shellcode chatacters so that reduce the entropy
  ☆18Sep 14, 2023Updated 2 years ago
• p4p1 / havoc-ligolo

  View on GitHub
  A Havoc UI tool to pivot onto a machine using ligolo-ng
  ☆50Jan 23, 2024Updated 2 years ago
• safebuffer / exchange-cves-scanner

  View on GitHub
  Small tool to scan On-Premises Exchange servers, useful for analytical purposes and patch management
  ☆20Aug 28, 2022Updated 3 years ago
• PShlyundin / Coverage

  View on GitHub
  A Python-based tool for analyzing Active Directory security posture by processing LDAP dumps, NTDS.dit extracts, and password cracking re…
  ☆26May 6, 2025Updated 9 months ago
• JkMaFlLi / xorInject

  View on GitHub
  ☆21Nov 6, 2024Updated last year
• iamagarre / BadExclusions

  View on GitHub
  BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
  ☆21Feb 8, 2024Updated 2 years ago
• 0xTriboulet / scepter-rs

  View on GitHub
  A hacky way of getting cross-arch/platform support in Cobalt Strike
  ☆37Aug 31, 2025Updated 6 months ago
• 11philip22 / uuid-to-shellcode

  View on GitHub
  Loader that loads shellcode from UUID's
  ☆23Aug 21, 2025Updated 6 months ago
• kozmer / rspy

  View on GitHub
  rust port of pspy with support for process monitoring over dbus
  ☆35Jan 4, 2026Updated last month
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• eliemoutran / Mass-Reverse-IP-Lookup

  View on GitHub
  Mass Reverse IP Lookup is a multithreaded tool to reverse ip lookup a list of ip addresses using yougetsignal.com .
  ☆21May 23, 2020Updated 5 years ago
• martabyte / Red-Team-Ops

  View on GitHub
  Notes about the YouTube playlist: Red Team Operations with Cobalt Strike (2019)
  ☆20Feb 16, 2021Updated 5 years ago
• ProcessusT / PayloadDropper

  View on GitHub
  Un dropper de payload indétectable qui désactive l'antivirus Windows Defender puis paramètre un fichier batch à l'ouverture de session de…
  ☆13Mar 6, 2021Updated 4 years ago
• jrrgimenez / Nim-HalosGate-Injector

  View on GitHub
  Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.
  ☆20Feb 2, 2022Updated 4 years ago
• NUL0x4C / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆61May 12, 2025Updated 9 months ago
• spacialsec / RustAutoRecon

  View on GitHub
  A blazing fast, high performance implementation of AutoRecon in Rust. A multi-threaded network reconnaissance tool which performs automa…
  ☆44Dec 30, 2024Updated last year
• f0cker / pypal

  View on GitHub
  Python port of Pipal for password analytics
  ☆22Oct 3, 2023Updated 2 years ago
• whydee86 / FUD-ShellCode-UUID

  View on GitHub
  Making Shellcode fully undetectable using uuid
  ☆23May 7, 2021Updated 4 years ago
• threatexpress / cobaltstrike_payload_generator

  View on GitHub
  Quickly generate every payload type for each listener and optionally host via HTTP.
  ☆22Aug 23, 2021Updated 4 years ago
• warferik / CVE-2019-3980

  View on GitHub
  ☆18Dec 12, 2020Updated 5 years ago
• wsummerhill / CobaltStrike_BOF_Collections

  View on GitHub
  Useful Cobalt Strike BOFs found or used during engagements
  ☆143Oct 6, 2023Updated 2 years ago
• NioZow / bof-collection

  View on GitHub
  ☆21Feb 22, 2025Updated last year