ProcessusT / Bypass-AV-DirectSyscallsLinks
Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.
☆28Updated 2 years ago
Alternatives and similar repositories for Bypass-AV-DirectSyscalls
Users that are interested in Bypass-AV-DirectSyscalls are comparing it to the libraries listed below
Sorting:
- A C2 framework built for my bachelors thesis☆55Updated 7 months ago
- Small project to facilitate creation of .lnk payloads☆69Updated 2 years ago
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆12Updated last year
- ☆19Updated last year
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated 2 years ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆82Updated last year
- Inject RDPThief into memory with PowerShell.☆64Updated 4 months ago
- Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality☆50Updated 2 years ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated last year
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆28Updated last year
- Encodes a payload within a generated mock-CSS file☆58Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆23Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- C# havoc implant☆99Updated 2 years ago
- PowerShell script to generate ShellCode in various formats☆42Updated 8 months ago
- A solution to create obfuscated shellcode from msfvenom for PowerShell.☆26Updated 2 years ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆30Updated last week
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆44Updated last year
- ☆59Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- ☆47Updated 3 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 2 years ago
- Cortex EDR Ransomware protection Bypass☆24Updated 3 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆64Updated 3 years ago
- ☆51Updated last year
- Situational Awareness script to identify how and where to run implants☆50Updated 5 months ago