☆113May 24, 2022Updated 3 years ago
Alternatives and similar repositories for Journey-to-McAfee
Users that are interested in Journey-to-McAfee are comparing it to the libraries listed below
Sorting:
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 3 years ago
- ☆207Feb 24, 2022Updated 4 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆314Aug 2, 2023Updated 2 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆370Apr 19, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1)☆383Sep 22, 2023Updated 2 years ago
- POC for frustrating/defeating Malware Analysts☆156Jun 12, 2022Updated 3 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- some gadgets about windows process and ready to use :)☆611Oct 7, 2023Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- C# Utilities for Windows Notification Facility☆159Apr 14, 2025Updated 10 months ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- ☆776Oct 17, 2023Updated 2 years ago
- Stop Defender Service using C# via Token Impersonation☆169Jan 30, 2022Updated 4 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- ☆129Dec 4, 2023Updated 2 years ago
- ☆153Jan 6, 2023Updated 3 years ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,497Dec 21, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- A technique of hiding malicious shellcode via Shannon encoding.☆264Oct 23, 2022Updated 3 years ago
- Tools and PoCs for Windows syscall investigation.☆367Dec 2, 2025Updated 3 months ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,369Oct 27, 2023Updated 2 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆553Dec 3, 2023Updated 2 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆362Dec 19, 2022Updated 3 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago