Unprotect-Project / FuncInEvasionTechniqueDemo
☆34Updated last year
Alternatives and similar repositories for FuncInEvasionTechniqueDemo:
Users that are interested in FuncInEvasionTechniqueDemo are comparing it to the libraries listed below
- A pure C version of SymProcAddress☆26Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated 2 years ago
- API Hammering with C++20☆46Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- ☆34Updated 3 weeks ago
- Self delete DLL (2)☆14Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Updated 2 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆31Updated last year
- Sleep Obfuscation☆45Updated 2 years ago
- ☆59Updated last year
- ☆36Updated 2 years ago
- Persistence via Shell Extensions☆63Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 7 months ago
- EvtPsst☆53Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆48Updated 3 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 9 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- ☆12Updated 2 years ago
- A simple website to act as a store for havoc modules and extensions☆26Updated 3 months ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆14Updated 11 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆62Updated last year
- ☆27Updated 3 months ago
- ☆29Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Section-based payload obfuscation technique for x64☆59Updated 8 months ago