dobin / avred-server
The AMSI server for Avred
☆28 Updated last year
Related projects
Alternatives and complementary repositories for avred-server
- The Web UI for Antnium ☆25 Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR. ☆38 Updated last year
- Collection of Rust repos useful for Red Teamers. ☆30 Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures" ☆23 Updated last year
- BOF for C2 framework ☆40 Updated last week
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆51 Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 Updated 4 months ago
- A care package of useful bofs for red team engagements ☆48 Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously ☆28 Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆21 Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post ☆22 Updated 2 years ago
- Beacon Object Files (not Buffer Overflows) ☆51 Updated last year
- maldev obviously ☆23 Updated 5 months ago
- IOXIDResolver from Airbus Security/PingCastle ☆45 Updated 3 years ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML ☆31 Updated 6 months ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration ☆27 Updated 3 years ago
- Bunch of BOF files ☆24 Updated 9 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL ☆19 Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now ☆68 Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#. ☆30 Updated last year
- WhoAmI by asking the LDAP service on a domain controller. ☆58 Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆51 Updated last year