CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
☆51Apr 22, 2024Updated last year
Alternatives and similar repositories for SharpVenoma
Users that are interested in SharpVenoma are comparing it to the libraries listed below
Sorting:
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- ☆12Nov 12, 2023Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆50May 8, 2024Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- a stage1 DLL loader with sleep obfuscation☆36Dec 27, 2022Updated 3 years ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Bypass EDR Create TaskServers☆39Dec 24, 2022Updated 3 years ago
- Just another repository for malware development☆13May 12, 2024Updated last year
- Use Rust to implement some Red Team techniques :)☆13Nov 11, 2024Updated last year
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- ☆38Oct 16, 2025Updated 5 months ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆100Mar 25, 2025Updated 11 months ago
- AV bypass while you sip your Chai!☆223May 17, 2024Updated last year
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆81Oct 26, 2024Updated last year
- ☆29May 10, 2024Updated last year
- ☆63Apr 4, 2024Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆21Dec 15, 2024Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Jan 6, 2023Updated 3 years ago
- An example of Windows self-replicating malware.☆11Jan 16, 2023Updated 3 years ago
- A PoC to deploy a Sliver Agent with amsi bypass, process injection, hollowing and OpSec☆29Oct 2, 2024Updated last year
- ☆28Sep 1, 2023Updated 2 years ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆193Oct 29, 2025Updated 4 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- ☆110Feb 17, 2025Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆542Feb 13, 2024Updated 2 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆596Jul 26, 2021Updated 4 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Aug 14, 2023Updated 2 years ago
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- ☆142May 4, 2022Updated 3 years ago