cinzinga / Evasion-Practice
A variety of AV evasion techniques written in C# for practice.
☆78Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for Evasion-Practice
- Determine if the WebClient Service (WebDAV) is running on a remote system☆123Updated 8 months ago
- Payload Generation Framework☆85Updated 8 months ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆78Updated 2 years ago
- ☆138Updated 2 years ago
- ☆155Updated 3 months ago
- Lateral Movement☆119Updated last year
- Code dump from PEN-300/OSEP updated 2022☆40Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆178Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year
- ☆54Updated 8 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆86Updated 2 years ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆225Updated last year
- AV EVASION TECHNIQUES☆74Updated 2 years ago
- The Official Sliver Armory☆83Updated 3 months ago
- Shellcode generation and encoding utility☆21Updated 2 years ago
- ☆77Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆148Updated 10 months ago
- Simple C# implementation of PowerUpSQL☆93Updated 4 months ago
- Simple BOF to read the protection level of a process☆104Updated last year
- Patch AMSI and ETW☆233Updated 6 months ago
- ☆28Updated 3 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆158Updated last year
- A collection of code snippets built to assist with breaking chains.☆115Updated 7 months ago
- The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.☆110Updated 4 years ago
- SeRestorePrivilege to SYSTEM☆80Updated 3 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆166Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆138Updated 8 months ago
- DLL Hijack Search Order Enumeration BOF☆141Updated 3 years ago