ZeroMemoryEx / Bypass-Sandbox-Evasion
Bypass Malware Sandbox Evasion Ram check
☆137Updated 2 years ago
Alternatives and similar repositories for Bypass-Sandbox-Evasion:
Users that are interested in Bypass-Sandbox-Evasion are comparing it to the libraries listed below
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆181Updated last year
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆172Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆292Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆177Updated last year
- Evasive Golang Loader☆129Updated 8 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- PE obfuscator with Evasion in mind☆213Updated last year
- Documents Exfiltration project for fun and educational purposes☆145Updated last year
- Execute shellcode files with rundll32☆193Updated last year
- Run Your Payload Without Running Your Payload☆180Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆133Updated 2 years ago
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique☆222Updated last year
- Remote Shellcode Injector☆212Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆151Updated last year
- random code snippets, useful for getting started☆117Updated 4 months ago
- Do some DLL SideLoading magic☆79Updated last year
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆141Updated 2 weeks ago
- .NET assembly loader with patchless AMSI and ETW bypass☆319Updated last year
- Windows Kernel Offensive Toolset☆119Updated 6 months ago
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆175Updated 2 years ago
- Exploitation of process killer drivers☆198Updated last year
- Generate Shellcode Loaders & Injects☆155Updated last year
- Generic PE loader for fast prototyping evasion techniques☆229Updated 8 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆216Updated last year
- 「💀」Proof of concept on BYOVD attack☆155Updated 3 months ago
- This repository implements Threadless Injection in C☆161Updated last year
- Bypass the Event Trace Windows(ETW) and unhook ntdll.☆102Updated last year
- (0day) Local Privilege Escalation in IObit Malware Fighter☆116Updated 2 months ago
- A bunch of scripts and code i wrote.☆135Updated 4 months ago