Wra7h / FlavorTown
Various ways to execute shellcode
☆487Updated last year
Alternatives and similar repositories for FlavorTown:
Users that are interested in FlavorTown are comparing it to the libraries listed below
- Cobalt Strike UDRL for memory scanner evasion.☆912Updated 9 months ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆488Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆633Updated 2 years ago
- Aims to identify sleeping beacons☆571Updated 3 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆655Updated last week
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆473Updated last year
- A Highly capable Pe Packer☆693Updated 2 years ago
- TartarusGate, Bypassing EDRs☆570Updated 3 years ago
- A BOF that runs unmanaged PEs inline☆578Updated 5 months ago
- ☆519Updated last year
- Performing Indirect Clean Syscalls☆521Updated last year
- Protected Process Dumper Tool☆532Updated last year
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆702Updated 6 months ago
- KaynLdr is a Reflective Loader written in C/ASM☆528Updated last year
- PIC lsass dumper using cloned handles☆580Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆374Updated 7 months ago
- ☆375Updated 2 years ago
- ☆501Updated 4 months ago
- Lifetime AMSI bypass☆618Updated last year
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆648Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆323Updated 8 months ago
- Sleep Obfuscation☆733Updated last year
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆506Updated 2 years ago
- Analyse your malware to surgically obfuscate it☆456Updated 3 weeks ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆661Updated last year
- shellcode loader for your evasion needs☆317Updated 4 months ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation.☆840Updated 2 months ago
- Command and Control Framework written in C#☆394Updated last year
- PoCs and tools for investigation of Windows process execution techniques☆912Updated last week
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆579Updated last year