brosck / Reaper
γπγProof of concept on BYOVD attack
β158Updated 5 months ago
Alternatives and similar repositories for Reaper
Users that are interested in Reaper are comparing it to the libraries listed below
Sorting:
- β154Updated 9 months ago
- Ghosting-AMSIβ165Updated 2 weeks ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.β185Updated last year
- Shaco is a linux agent for havocβ160Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to executionβ187Updated 5 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.β158Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, fβ¦β160Updated 11 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.β225Updated 2 years ago
- Port of Cobalt Strike's Process Inject Kitβ175Updated 5 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Wβ¦β151Updated last year
- Evasive Golang Loaderβ131Updated 9 months ago
- Extracting NetNTLM without touching lsass.exeβ235Updated last year
- Patching AmsiOpenSession by forcing an error branchingβ145Updated last year
- Execute shellcode files with rundll32β199Updated last year
- .NET assembly loader with patchless AMSI and ETW bypassβ330Updated 2 years ago
- Stage 0β159Updated 4 months ago
- β172Updated 6 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reductiβ¦β198Updated 11 months ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRsβ79Updated 2 years ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the cloneβ¦β199Updated 6 months ago
- Patch AMSI and ETWβ239Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.β302Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development courseβ189Updated last year
- β164Updated last year
- Cobalt Strike BOF for evasive .NET assembly executionβ242Updated last month
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)β179Updated 3 months ago
- β184Updated last year
- Sleep obfuscationβ222Updated 4 months ago
- β116Updated last month
- AV bypass while you sip your Chai!β221Updated 11 months ago