Alternatives and similar repositories for Bypass-Sandbox-Evasion

Users that are interested in Bypass-Sandbox-Evasion are comparing it to the libraries listed below

• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆213Updated 2 years ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆68Updated last year
• hackerhouse-opensource / CompMgmtLauncher_DLL_UACBypass
  CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
  ☆109Updated 2 years ago
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆121Updated last year
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆210Updated last year
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• XaFF-XaFF / CaveCarver
  CaveCarver - PE backdooring tool which utilizes and automates code cave technique
  ☆229Updated 2 years ago
• lem0nSec / KBlast
  Basic interactive Windows kernel offensive toolkit written in C
  ☆133Updated last month
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆198Updated last year
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆58Updated 2 years ago
• Faisal-P27 / WAREED-DNS-C2
  ☆122Updated 7 months ago
• CodeXTF2 / WindowSpy
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆278Updated 8 months ago
• decoder-it / TokenStealer
  ☆163Updated 2 years ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• SaadAhla / DocPlz
  Documents Exfiltration project for fun and educational purposes
  ☆144Updated 2 years ago
• ZeroMemoryEx / Tokenizer
  Kernel Mode Driver for Elevating Process Privileges
  ☆134Updated 2 years ago
• xalicex / LOLDrivers_finder
  ☆88Updated 2 years ago
• SaadAhla / D1rkInject
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆181Updated 2 years ago
• CognisysGroup / HadesLdr
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆291Updated 2 years ago
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆180Updated 2 years ago
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆205Updated 2 years ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆171Updated last year
• 0x00Check / ExploitLeakedHandle
  Identify and exploit leaked handles for local privilege escalation.
  ☆111Updated 2 years ago
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆197Updated 2 years ago
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆183Updated last year
• brosck / Frosty
  「🧊」Ring 3 Rootkit for Windows 10
  ☆57Updated 11 months ago
• Sh0ckFR / Lockbit3.0-MpClient-Defender-PoC
  Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC
  ☆179Updated 3 years ago
• Wh04m1001 / CVE-2023-29343
  ☆161Updated 2 years ago
• nettitude / ShellcodeMutator
  ☆245Updated 2 years ago
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆157Updated 3 years ago