ProcessusT / Bypass-AV-DirectSyscalls
Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.
☆26Updated last year
Related projects: ⓘ
- A C2 framework built for my bachelors thesis☆51Updated 2 months ago
- Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality☆49Updated last year
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆60Updated 2 years ago
- Small project to facilitate creation of .lnk payloads☆60Updated last year
- AMSI Bypass for powershell☆29Updated 2 years ago
- Cobalt strike CNA script to notify you via Discord whenever there is a new beacon.☆32Updated 2 years ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆77Updated 8 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆41Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆22Updated last year
- ☆46Updated 2 years ago
- ☆24Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆45Updated 2 months ago
- C++ Code to perform a MiniDump of lsass.exe☆33Updated last year
- Cerez 😈 LD_PRELOAD rootkit☆21Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆11Updated 10 months ago
- A collection of Cobalt Strike Aggressor scripts.☆80Updated 2 years ago
- A solution to create obfuscated shellcode from msfvenom for PowerShell.☆20Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- VirusTotal Stealer is a DATA Exfiltration tool that exfitrate office documents and tunnel them over VirusTotal API to the Team Server☆62Updated 11 months ago
- A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique☆24Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆50Updated last year
- ☆19Updated last year
- C# havoc implant☆90Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- A repository with my code snippets for research/education purposes.☆51Updated last year
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆31Updated 2 years ago
- Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process☆63Updated 4 months ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆38Updated 3 months ago