ProcessusT / Bypass-AV-DirectSyscalls
Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.
☆27Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Bypass-AV-DirectSyscalls
- Cobalt strike CNA script to notify you via Discord whenever there is a new beacon.☆33Updated 2 years ago
- Small project to facilitate creation of .lnk payloads☆62Updated 2 years ago
- A C2 framework built for my bachelors thesis☆53Updated 3 weeks ago
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆61Updated 2 years ago
- AMSI Bypass for powershell☆30Updated 2 years ago
- Small collection of Active Directory pentesting tools.☆27Updated 9 months ago
- ☆25Updated last year
- ☆46Updated 2 years ago
- A solution to create obfuscated shellcode from msfvenom for PowerShell.☆23Updated 2 years ago
- Token Elevation to authorized user as SYSTEM or Domain Admins☆23Updated last year
- Working repo used to experiment with various languages as it relates to offensive security & evasion.☆30Updated 5 months ago
- Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality☆50Updated last year
- Malicious powershell scripts loader designed to avoid detection.☆36Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆12Updated last year
- C# havoc implant☆96Updated last year
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.☆17Updated 2 years ago
- Duplicate not owned Token from Running Process☆72Updated last year
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆51Updated 4 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆43Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆81Updated last year
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Updated 2 years ago
- PowerShell script to terminate protected processes such as anti-malware and EDRs.☆27Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆77Updated 11 months ago
- PoC-Malware-TTPs☆49Updated last year
- A repository with my code snippets for research/education purposes.☆50Updated last year
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 11 months ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆22Updated 2 years ago