A Repository to Track Anti-Forensic Techniques
☆118Mar 8, 2023Updated 2 years ago
Alternatives and similar repositories for Anti-Forensics
Users that are interested in Anti-Forensics are comparing it to the libraries listed below
Sorting:
- Reverse Engineering and Debugging Malware☆32Feb 27, 2023Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- Everything related to Linux Forensics☆717Jul 13, 2023Updated 2 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Bash tool used for proactive detection of malicious activity on macOS systems.☆39Sep 29, 2025Updated 5 months ago
- ☆20Sep 24, 2025Updated 5 months ago
- ☆60Dec 15, 2023Updated 2 years ago
- ☆138Apr 20, 2023Updated 2 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- ☆57Dec 13, 2024Updated last year
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆260Mar 13, 2024Updated last year
- A Poc on blocking Procmon from monitoring network events☆110Aug 7, 2025Updated 6 months ago
- 蜜罐检测工具,支持自动化URL去重、多线程控制及智能速率限制。可识别伪装服务。☆16Jun 5, 2025Updated 8 months ago
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆497Nov 29, 2022Updated 3 years ago
- Top 400 passwords as per HaveIBeenPwned☆22Oct 14, 2024Updated last year
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques.☆427Feb 11, 2024Updated 2 years ago
- Deleting Shadow Copies In Pure C++☆118Oct 31, 2022Updated 3 years ago
- Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…☆48Dec 5, 2023Updated 2 years ago
- Make an Linux Kernel rootkit visible again.☆59Feb 27, 2025Updated last year
- A string obfuscator for .NET apps, built to evade static string analysis.☆109Jan 3, 2023Updated 3 years ago
- WIP Post-exploitation framework tailored for hypervisors.☆50Nov 16, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆243Sep 26, 2023Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆318Aug 31, 2023Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- ☆15May 3, 2024Updated last year
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆129Dec 2, 2023Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆47Jun 7, 2023Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆569Jan 20, 2026Updated last month
- A ProcessMonitor visualization application written in rust.☆184Aug 6, 2023Updated 2 years ago
- Dump the memory of any PPL with a Userland exploit chain☆352Mar 17, 2023Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques☆389Jun 21, 2023Updated 2 years ago