Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de shellcode préalablement obfusqué avec un fonction XOR.
☆31Oct 14, 2022Updated 3 years ago
Alternatives and similar repositories for Bypass-AV-DirectSyscalls
Users that are interested in Bypass-AV-DirectSyscalls are comparing it to the libraries listed below
Sorting:
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- Shellcode loader that loads shellcode from UUID's☆22Updated this week
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- ☆20Mar 21, 2024Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Jul 16, 2025Updated 8 months ago
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- ☆21Nov 6, 2024Updated last year
- Making Shellcode fully undetectable using uuid☆23May 7, 2021Updated 4 years ago
- ☆14Dec 5, 2024Updated last year
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated last year
- Small tool to scan On-Premises Exchange servers, useful for analytical purposes and patch management☆20Aug 28, 2022Updated 3 years ago
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆15Nov 16, 2023Updated 2 years ago
- string encryption in Nim☆19Jun 15, 2024Updated last year
- golang uuid-shellcode加载器,分离执行,可直接把shellcode写入程序。☆15Aug 12, 2021Updated 4 years ago
- A multithreaded, queued SSH key and/or password spraying tool.☆20Jan 5, 2023Updated 3 years ago
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆11Aug 15, 2024Updated last year
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Jul 22, 2021Updated 4 years ago
- Un dropper de payload indétectable qui désactive l'antivirus Windows Defender puis paramètre un fichier batch à l'ouverture de session de…☆13Mar 6, 2021Updated 5 years ago
- Useful Cobalt Strike BOFs found or used during engagements☆143Oct 6, 2023Updated 2 years ago
- PE Crypter written in Nim☆101Mar 25, 2021Updated 4 years ago
- uuid-shellcode-execution☆13May 9, 2021Updated 4 years ago
- Golang C2 and Beacon/Agent built from the ground up for scalability and expandability☆14Mar 16, 2021Updated 5 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Run python from a single exe☆36May 1, 2022Updated 3 years ago
- This is a Sharp assembly loader in PowerShell☆13Oct 23, 2025Updated 4 months ago
- Mass Reverse IP Lookup is a multithreaded tool to reverse ip lookup a list of ip addresses using yougetsignal.com .☆21May 23, 2020Updated 5 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆34Aug 26, 2021Updated 4 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆14Jul 29, 2022Updated 3 years ago
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 9 months ago
- .NET wrapper around LogonUserA to test creds☆12Jun 2, 2022Updated 3 years ago
- Simple PoC from Malicious Payload Injection from Windows Event Log Entry☆28Aug 8, 2022Updated 3 years ago
- rust port of pspy with support for process monitoring over dbus☆36Jan 4, 2026Updated 2 months ago
- Network Execution Tool☆17Sep 23, 2024Updated last year