A memory-based evasion technique which makes shellcode invisible from process start to end.
☆17Aug 14, 2023Updated 2 years ago
Alternatives and similar repositories for phantom
Users that are interested in phantom are comparing it to the libraries listed below
Sorting:
- Dll hijack -- just one macro☆13Jul 3, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- Event Tracing for Windows EDR bypass in Rust (usermode)☆39Jun 9, 2024Updated last year
- Change hash for a signed pe☆17Jul 18, 2023Updated 2 years ago
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆107Jan 21, 2026Updated 2 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- 免杀绕过某60,过核晶,vt爆6个☆13May 1, 2023Updated 2 years ago
- A BOF to create a scheduled task using a COM object.☆16Dec 3, 2024Updated last year
- Some anti-sandbox codes, copy directly to strengthen your own ShellCode☆12Dec 26, 2022Updated 3 years ago
- Silently Install Chrome Extension For Persistence☆100Jul 20, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- various methods of making API calls☆19Feb 1, 2025Updated last year
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- Periodically check hashcat cracking progress and notify of success.☆10Dec 18, 2018Updated 7 years ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Bypass EDR Create TaskServers☆39Dec 24, 2022Updated 3 years ago
- ☆61Jun 26, 2022Updated 3 years ago
- Terminate AV/EDR leveraging BYOVD attack☆103Mar 21, 2025Updated last year
- AI-based Ludus range configuration builder☆29May 6, 2025Updated 10 months ago
- 个人学习使用,二开DcRAT,主要是增加了功能性插件☆17Jan 26, 2024Updated 2 years ago
- ☆38Oct 16, 2025Updated 5 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆174Nov 28, 2025Updated 3 months ago
- Groovy Post Exploitation☆20Oct 21, 2024Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- BYOVD Technique Example using viragt64 driver☆78Jul 25, 2024Updated last year
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- 10.15免杀绕过defender 360☆19Oct 16, 2023Updated 2 years ago
- ☆21Feb 22, 2025Updated last year
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- Source files for my posts☆17Jun 20, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- ☆18Aug 8, 2024Updated last year
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- A reflective DLL development template for the Rust programming language☆116Nov 4, 2025Updated 4 months ago