coleak2021 / vehsyscallLinks
vehsyscall:a syscall project that may bypass EDR
☆58Updated last year
Alternatives and similar repositories for vehsyscall
Users that are interested in vehsyscall are comparing it to the libraries listed below
Sorting:
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆53Updated last year
- Self Cleanup in post-ex job☆57Updated 10 months ago
- ☆27Updated last year
- more conveniently Visual-Studio-BOF-template☆67Updated last year
- Beacon compiled using clang☆71Updated 2 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆49Updated 2 years ago
- Binary Hollowing☆78Updated 10 months ago
- Stack integrity verification to Detect SleepMask or CallStack Spoofer☆33Updated 3 weeks ago
- beta☆118Updated 10 months ago
- 一个demo☆24Updated last year
- A Blind EDR Project for Educational Purposes☆44Updated 6 months ago
- ☆91Updated 4 years ago
- shellcode生成框架☆88Updated last year
- ☆41Updated last year
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆68Updated 2 years ago
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- kill AV/EDR☆22Updated 2 years ago
- Shellcode Reductio Entropy Tools☆71Updated last year
- AddDefenderExclusions Beacon Object File☆41Updated 2 years ago
- Rust 重构的 sRDI☆14Updated 10 months ago
- ☆14Updated last month
- A little tool to play with Windows security☆12Updated this week
- Bypass EDR Create TaskServers☆37Updated 2 years ago
- 自定义函数堆栈,从而绕过ETW检测,这个是完整版。☆14Updated last year
- PE to shellcode☆27Updated 7 months ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆77Updated 2 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆138Updated 9 months ago
- A C Implementation for Bypassing Security Software☆27Updated 3 months ago
- ☆19Updated 2 years ago
- Code with Windows Hacker☆12Updated 2 years ago