brosck / L1LKillerLinks
「⚠️」Performing a BYOVD on the truesight.sys driver
☆40Updated 8 months ago
Alternatives and similar repositories for L1LKiller
Users that are interested in L1LKiller are comparing it to the libraries listed below
Sorting:
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆116Updated 8 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated last year
- Generate an Alphabetical Polymorphic Shellcode☆97Updated last week
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- Remote DLL Injection with Timer-based Shellcode Execution☆95Updated last month
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆187Updated 6 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆145Updated 9 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- A Mythic agent for Windows written in C☆132Updated last month
- ☆130Updated 5 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆149Updated last week
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆142Updated this week
- ☆45Updated 2 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆79Updated 4 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆163Updated 2 months ago
- Stage 0☆163Updated 8 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- Offensive Windows Kernel Toolset☆126Updated last month
- Create Anti-Copy DRM Malware☆63Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆86Updated 4 months ago
- Collection of red team techniques.☆59Updated 4 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆71Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆102Updated 4 months ago
- Bypass the Event Trace Windows(ETW) and unhook ntdll.☆108Updated last year
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆50Updated 3 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆162Updated last year
- Sleep obfuscation☆231Updated 8 months ago