A variety of AV evasion techniques written in C# for practice.
☆98Apr 19, 2021Updated 4 years ago
Alternatives and similar repositories for Evasion-Practice
Users that are interested in Evasion-Practice are comparing it to the libraries listed below
Sorting:
- ☆31Aug 23, 2020Updated 5 years ago
- Payload Generation Framework☆21Oct 24, 2024Updated last year
- ☆18Jun 16, 2025Updated 8 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆592Jun 12, 2024Updated last year
- A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.☆1,413Jul 27, 2025Updated 7 months ago
- Threadless Process Injection using remote function hooking.☆810Sep 4, 2024Updated last year
- Windows Persistence Toolkit in C#☆36Sep 23, 2022Updated 3 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- ☆25Apr 28, 2024Updated last year
- Weaponizing CLRvoyance for Post-Ex .NET Execution☆38Jul 15, 2021Updated 4 years ago
- ☆186Jun 14, 2025Updated 8 months ago
- Basic Psexec clone, but in golang.☆16Jul 2, 2022Updated 3 years ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Learning Process Injection and Hollowing techniques☆42Jun 26, 2022Updated 3 years ago
- Generic PE loader for fast prototyping evasion techniques☆244Jul 2, 2024Updated last year
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Aug 29, 2024Updated last year
- ☆29May 10, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆462Sep 24, 2023Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆73May 18, 2020Updated 5 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 9 months ago
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆27Mar 9, 2024Updated last year
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,607Jul 10, 2023Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Modified version of PEAS client for offensive operations☆16Mar 8, 2021Updated 4 years ago
- ☆16Sep 23, 2021Updated 4 years ago
- Payload Generation Framework☆100Mar 16, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆465Aug 23, 2023Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- PowerShell Constrained Language Mode Bypass☆294Jan 31, 2021Updated 5 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- C# obfuscator that bypass windows defender☆803Jun 4, 2023Updated 2 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆741Jul 22, 2023Updated 2 years ago
- time-based user enum via Basic Auth in Azure against Autodiscover☆34Oct 3, 2024Updated last year
- D/Invoke standalone shellcode runners☆39Nov 23, 2023Updated 2 years ago