☆113 · May 24, 2022 · Updated 4 years ago
Alternatives and similar repositories for Journey-to-McAfee
Users that are interested in Journey-to-McAfee are comparing it to the libraries listed below.
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code. ☆100 · Mar 27, 2022 · Updated 4 years ago
- ☆28 · Dec 29, 2021 · Updated 4 years ago
- ☆210 · Feb 24, 2022 · Updated 4 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime ☆311 · Aug 2, 2023 · Updated 2 years ago
- Hookers are cooler than patches. ☆171 · Jan 21, 2022 · Updated 4 years ago
- some gadgets about windows process and ready to use :) ☆615 · Oct 7, 2023 · Updated 2 years ago
- These are different types of download cradles, which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR … ☆259 · Jul 7, 2022 · Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆246 · Sep 26, 2023 · Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. ☆305 · Oct 26, 2022 · Updated 3 years ago
- ☆128 · Jun 28, 2023 · Updated 3 years ago
- ☆785 · Oct 17, 2023 · Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆141 · Sep 12, 2022 · Updated 3 years ago
- This project is created for research into antivirus evasion by unhooking. ☆18 · Sep 2, 2021 · Updated 4 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC ☆377 · May 24, 2022 · Updated 4 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW" ☆51 · Mar 2, 2022 · Updated 4 years ago
- .NET assembly loader with patchless AMSI and ETW bypass ☆384 · Apr 19, 2023 · Updated 3 years ago
- C# Utilities for Windows Notification Facility ☆158 · Apr 14, 2025 · Updated last year
- Stop Defender Service using C# via Token Impersonation ☆171 · Jan 30, 2022 · Updated 4 years ago
- Modify managed functions from unmanaged code ☆53 · Feb 1, 2024 · Updated 2 years ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR) ☆1,506 · Dec 21, 2023 · Updated 2 years ago
- A technique of hiding malicious shellcode via Shannon encoding. ☆271 · Oct 23, 2022 · Updated 3 years ago
- KaynLdr is a Reflective Loader written in C/ASM ☆554 · Dec 3, 2023 · Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1) ☆388 · Sep 22, 2023 · Updated 2 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler. ☆56 · Jun 30, 2021 · Updated 5 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section ☆112 · Jul 15, 2023 · Updated 2 years ago
- this repo is to cover the other undocumented or published / in different language to achieve shellcode injection via windows callback func… ☆88 · Jun 24, 2022 · Updated 4 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG ☆313 · Sep 16, 2021 · Updated 4 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting ☆365 · Dec 19, 2022 · Updated 3 years ago
- In-memory token vault BOF for Cobalt Strike ☆150 · Aug 18, 2022 · Updated 3 years ago
- all credits go to @mgeeky ☆65 · Oct 14, 2021 · Updated 4 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,396 · Oct 27, 2023 · Updated 2 years ago
- For when DLLMain is the only way ☆433 · Oct 29, 2024 · Updated last year
- A simple BOF that frees UDRLs ☆123 · May 29, 2022 · Updated 4 years ago
- ☆153 · Jan 6, 2023 · Updated 3 years ago
- POC for frustrating/defeating Malware Analysts ☆155 · Jun 12, 2022 · Updated 4 years ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation. ☆921 · May 22, 2026 · Updated last month
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · May 11, 2023 · Updated 3 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2 ☆296 · Jul 15, 2023 · Updated 2 years ago
- Tools and PoCs for Windows syscall investigation. ☆364 · Dec 2, 2025 · Updated 6 months ago