d3ranged / sf2
Antivirus Signature Search Toolkit
☆78Updated last year
Alternatives and similar repositories for sf2:
Users that are interested in sf2 are comparing it to the libraries listed below
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆70Updated 10 months ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆88Updated last year
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique☆217Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆111Updated last year
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆169Updated last year
- Bypass Malware Sandbox Evasion Ram check☆137Updated 2 years ago
- Криптор на шелл-кодах☆10Updated 4 years ago
- Remote Shellcode Injector☆207Updated last year
- Generic PE loader for fast prototyping evasion techniques☆189Updated 6 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆53Updated 6 months ago
- Privileger is a tool to work with Windows Privileges☆136Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated 11 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆84Updated 7 months ago
- ☆133Updated 2 years ago
- random code snippets, useful for getting started☆114Updated 2 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆140Updated 10 months ago
- Create a new thread that will suspend every thread and encrypt its stack, then going to sleep , then decrypt the stacks and resume thread…☆157Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆176Updated last year
- Bypass the Event Trace Windows(ETW) and unhook ntdll.☆100Updated last year
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆93Updated 3 weeks ago
- Run Your Payload Without Running Your Payload☆179Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆66Updated last year
- A .NET malware loader, using API-Hashing to evade static analysis☆205Updated last year
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Abuse Xwizard.exe for DLL Side-Loading☆83Updated last year
- Rat Inject is C++ Executable to gain Undetectable Persistence in Windows via 4 Registry Keys☆26Updated 2 years ago