ashemery / Anti-Forensics
A Repository to Track Anti-Forensic Techniques
☆104Updated last year
Alternatives and similar repositories for Anti-Forensics:
Users that are interested in Anti-Forensics are comparing it to the libraries listed below
- ☆112Updated last year
- ☆104Updated 3 months ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆35Updated 3 years ago
- ☆79Updated 2 months ago
- ☆84Updated 2 years ago
- ☆36Updated 9 months ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆41Updated 5 years ago
- Evade EDR's the simple way, by not touching any of the API's they hook.�☆77Updated 5 months ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆65Updated last year
- An interactive shell to spoof some LOLBins command line☆182Updated last year
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆32Updated 7 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆75Updated 5 months ago
- Bypass Malware Time Delays☆100Updated 2 years ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 6 months ago
- Reverse Engineering and Debugging Malware☆30Updated last year
- A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).☆93Updated 2 years ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆143Updated 8 months ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated 11 months ago
- A Mythic Agent written in PIC C.☆171Updated 3 weeks ago
- A collection of tools, scripts and personal research☆120Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆84Updated 11 months ago
- Finding secrets in kernel and user memory☆113Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆111Updated last year
- Local & remote Windows DLL Proxying☆161Updated 7 months ago
- Configuration Extractors for Malware☆86Updated this week
- ☆106Updated last year
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆83Updated 9 months ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆36Updated 4 months ago
- Default Detections for EDR☆96Updated 11 months ago
- ☆137Updated last month