bolonobolo / av_evasion

Related projects: ⓘ

• thesnoom / extps-cobalt-strike-bof
  Extended Process List (Search functionality)
  ☆27Updated 3 years ago
• S4R1N / TotallyNotAStager
  ☆15Updated this week
• ChaitanyaHaritash / NIM-Scripts
  ☆17Updated 3 years ago
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 3 years ago
• aahmad097 / Hitman
  ☆17Updated this week
• mobdk / Sigma
  Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx
  ☆14Updated 3 years ago
• klezVirus / LoGiC.NET
  A more advanced free and open .NET obfuscator using dnlib.
  ☆10Updated last year
• SolomonSklash / SeasideBishop
  A C port of b33f's UrbanBishop
  ☆35Updated 3 years ago
• crawl3r / FunWithAMSI
  A repo to hold any bypasses I work on/study/whatever
  ☆18Updated 3 years ago
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆32Updated 3 years ago
• AvivShabtay / OffensiveWinAPI
  My experience using Windows API for offensive purposes
  ☆17Updated 3 years ago
• last-byte / hybris
  ☆22Updated this week
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆30Updated 6 months ago
• vysecurity / AzureAppC2
  A script that can be deployed to Azure App for C2 / Proxy / Redirector
  ☆35Updated 5 years ago
• Mr-Un1k0d3r / RedTeamFSharp
  ☆25Updated this week
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques
  A repository filled with ideas to break/detect direct syscall techniques
  ☆26Updated 2 years ago
• APTortellini / DoH-Stager
  ☆12Updated 2 years ago
• williamknows / CodeCoverageModuleStomping
  ☆10Updated 4 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆28Updated 2 years ago
• ORCA666 / ACHLYSv2
  ☆23Updated this week
• Adepts-Of-0xCC / SnoopyOwl
  ☆44Updated 3 years ago
• 0r13lc0ch4v1 / HideFromAMSI
  Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
  ☆29Updated 4 years ago
• ASkyeye / CobaltPatch
  Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…
  ☆37Updated 4 years ago
• tothi / PowerLessShell
  Run PowerShell command without invoking powershell.exe
  ☆35Updated 2 years ago
• invictus-0x90 / Docker-C3
  Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container
  ☆26Updated 2 years ago
• cys3c / Siofra
  DLL hijacking vulnerability scanner and PE infector tool
  ☆16Updated 7 years ago
• a7t0fwa7 / windows-ps-callbacks-experiments
  Files for http://deniable.org/windows/windows-callbacks
  ☆24Updated 4 years ago
• waleedassar / SyscallNumberExtractor
  ☆23Updated 2 years ago
• bohops / Notes
  ☆10Updated this week
• xenoscr / compressedCredBandit
  A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.
  ☆18Updated 3 years ago