Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, you’ll help strengthen the project and push the boundaries of what we can achieve together.
☆206 | Sep 20, 2025 | Updated 5 months ago
Alternatives and similar repositories for Unprotect_Submission
Users that are interested in Unprotect_Submission are comparing it to the libraries listed below
- This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp… ☆438 | Aug 2, 2023 | Updated 2 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence ☆175 | Mar 15, 2023 | Updated 2 years ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 | Mar 26, 2023 | Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods. ☆36 | Apr 5, 2022 | Updated 3 years ago
- A work in progress BOF/COFF loader in Rust ☆50 | Mar 22, 2023 | Updated 2 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation. ☆114 | Oct 11, 2023 | Updated 2 years ago
- ☆113 | Oct 10, 2022 | Updated 3 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary. ☆497 | Nov 29, 2022 | Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting ☆202 | Jan 13, 2022 | Updated 4 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree. ☆14 | Jan 28, 2022 | Updated 4 years ago
- Living Off The Land Drivers ☆1,418 | Feb 12, 2026 | Updated 2 weeks ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process ☆115 | Aug 29, 2022 | Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin… ☆535 | Aug 1, 2022 | Updated 3 years ago
- A Practical example of ELAM (Early Launch Anti-Malware) ☆36 | Nov 12, 2021 | Updated 4 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆66 | Oct 17, 2023 | Updated 2 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers ☆74 | Dec 10, 2021 | Updated 4 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆249 | Jul 9, 2024 | Updated last year
- Sleep Obfuscation ☆817 | Dec 3, 2023 | Updated 2 years ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. ☆718 | Jul 19, 2023 | Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 | May 11, 2023 | Updated 2 years ago
- ☆84 | Aug 26, 2024 | Updated last year
- Nice try reading NTDLL from disk, nerd. ☆19 | Apr 18, 2022 | Updated 3 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… ☆63 | Feb 11, 2024 | Updated 2 years ago
- Autopsy Module to analyze Registry Hives ☆16 | Feb 18, 2022 | Updated 4 years ago
- Aims to identify sleeping beacons ☆662 | Jan 25, 2026 | Updated last month
- Now You See Me, Now You Don't ☆1,025 | Jan 23, 2026 | Updated last month
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… ☆112 | Feb 8, 2025 | Updated last year
- malleable profile generator GUI for Havoc ☆55 | Apr 28, 2023 | Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids ☆212 | Dec 14, 2023 | Updated 2 years ago
- PoC Implementation of a fully dynamic call stack spoofer ☆922 | Jul 20, 2024 | Updated last year
- Signature finder (from PE-bear) ☆40 | Aug 25, 2025 | Updated 6 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆807 | Mar 16, 2024 | Updated last year
- ☆210 | Mar 22, 2021 | Updated 4 years ago
- Using fibers to run in-memory code. ☆242 | Oct 19, 2023 | Updated 2 years ago
- The code is a pingback to the Dark Vortex blog: ☆186 | Jan 26, 2023 | Updated 3 years ago
- Project for tracking publicly disclosed DLL Hijacking opportunities. ☆890 | Updated this week
- Password attacks and MFA validation against various endpoints in Azure and Office 365 ☆153 | Feb 10, 2023 | Updated 3 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator ☆517 | Feb 1, 2024 | Updated 2 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming ☆233 | Oct 8, 2024 | Updated last year