cinzinga / Evasion-Practice

Related projects ⓘ

Alternatives and complementary repositories for Evasion-Practice

• G0ldenGunSec / GetWebDAVStatus
  Determine if the WebClient Service (WebDAV) is running on a remote system
  ☆123Updated 8 months ago
• SYANiDE- / SuperSharpShooter
  Payload Generation Framework
  ☆85Updated 8 months ago
• horizon3ai / backup_dc_registry
  A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
  ☆78Updated 2 years ago
• Crypt0s / DelegationBOF
  ☆138Updated 2 years ago
• smokeme / airstrike
  ☆155Updated 3 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆119Updated last year
• rootshooter / osep-code-dump-2022
  Code dump from PEN-300/OSEP updated 2022
  ☆40Updated 2 years ago
• Sh0ckFR / InlineWhispers2
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆178Updated 2 years ago
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆144Updated last year
• kymb0 / Stealth_shellcode_runners
  ☆54Updated 8 months ago
• ChoiSG / OneDriveUpdaterSideloading
  Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post
  ☆86Updated 2 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated last year
• slemire / WSPCoerce
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆225Updated last year
• Karmaz95 / evasion
  AV EVASION TECHNIQUES
  ☆74Updated 2 years ago
• sliverarmory / armory
  The Official Sliver Armory
  ☆83Updated 3 months ago
• rootshooter / shellcoder
  Shellcode generation and encoding utility
  ☆21Updated 2 years ago
• LuemmelSec / ntlmrelayx.py_to_exe
  ☆77Updated last year
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• mlcsec / SharpSQL
  Simple C# implementation of PowerUpSQL
  ☆93Updated 4 months ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆104Updated last year
• Mr-Un1k0d3r / AMSI-ETW-Patch
  Patch AMSI and ETW
  ☆233Updated 6 months ago
• buyne / OSEP-1
  ☆28Updated 3 years ago
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆158Updated last year
• gh0x0st / OSEP-Breaking-Chains
  A collection of code snippets built to assist with breaking chains.
  ☆115Updated 7 months ago
• Cobalt-Strike / ElevateKit
  The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
  ☆110Updated 4 years ago
• xct / SeRestoreAbuse
  SeRestorePrivilege to SYSTEM
  ☆80Updated 3 years ago
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆166Updated last year
• mlcsec / ASRenum-BOF
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆138Updated 8 months ago
• EspressoCake / DLL-Hijack-Search-Order-BOF
  DLL Hijack Search Order Enumeration BOF
  ☆141Updated 3 years ago