ProcessusT / Bypass-AV-DirectSyscallsLinks
Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.
☆30Updated 2 years ago
Alternatives and similar repositories for Bypass-AV-DirectSyscalls
Users that are interested in Bypass-AV-DirectSyscalls are comparing it to the libraries listed below
Sorting:
- A C2 framework built for my bachelors thesis☆55Updated 9 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Updated last year
- A collection of Cobalt Strike Aggressor scripts.☆102Updated 3 years ago
- Obfuscated, FUD Simple PowerShell Reverse Shell One-Liner☆78Updated last year
- Small project to facilitate creation of .lnk payloads☆73Updated 2 years ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆42Updated last year
- PowerShell runner for executing malicious payloads in order to bypass Windows Defender.☆73Updated 3 years ago
- Inject RDPThief into memory with PowerShell.☆65Updated 7 months ago
- ☆70Updated 5 months ago
- Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality☆50Updated 2 years ago
- A repository with my code snippets for research/education purposes.☆51Updated 2 years ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated last year
- C# havoc implant☆101Updated 2 years ago
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆47Updated last year
- PowerShell script to terminate protected processes such as anti-malware and EDRs.☆28Updated 2 years ago
- An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…☆104Updated 2 years ago
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆12Updated last year
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated 2 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆111Updated 3 years ago
- Duplicate not owned Token from Running Process☆72Updated 2 years ago
- PoC for dumping and decrypting cookies in the latest version of Microsoft Teams☆132Updated last year
- PowerShell Reverse Shell☆78Updated 2 years ago
- A GUI wrapper inside of Havoc to interact with bloodhound CE☆73Updated last year
- PowerShell script to generate ShellCode in various formats☆43Updated 11 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- Deploy a phishing infrastructure on the fly.☆75Updated 8 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆46Updated 2 years ago
- ☆105Updated 11 months ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆84Updated last year
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆27Updated last year