Alternatives and similar repositories for bypassing-av-detection

Users that are interested in bypassing-av-detection are comparing it to the libraries listed below

• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• trevorsaudi / Zero-Import-Malware
  Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…
  ☆39Updated last year
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆172Updated 2 years ago
• lem0nSec / KBlast
  Windows Kernel Offensive Toolset
  ☆124Updated last week
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆84Updated last year
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆60Updated 2 years ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆111Updated 11 months ago
• cr7pt0pl4gu3 / Pestilence
  Shellcode loader designed for evasion. Coded in Rust.
  ☆130Updated 2 years ago
• xalicex / LOLDrivers_finder
  ☆86Updated last year
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆182Updated 3 weeks ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆77Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆189Updated last year
• ZeroMemoryEx / Tokenizer
  Kernel Mode Driver for Elevating Process Privileges
  ☆133Updated 2 years ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated 8 months ago
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆120Updated 7 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆155Updated last year
• souzomain / Shaco
  Shaco is a linux agent for havoc
  ☆165Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆69Updated 2 months ago
• TunnelGRE / Percino
  Evasive Golang Loader
  ☆131Updated 11 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆228Updated 5 months ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆121Updated 2 years ago
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆70Updated last year
• senzee1984 / Windows_x64_Tcp_Reverse_Shell_Shellcode
  Null-free shellcode for TCP reverse shell on Windows x64
  ☆57Updated last year
• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆212Updated 2 years ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆334Updated 2 years ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆54Updated last year
• Wra7h / SingleDose
  Generate Shellcode Loaders & Injects
  ☆156Updated 2 years ago
• LloydLabs / shellcode-plain-sight
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆205Updated 2 years ago
• nettitude / Tartarus-TpAllocInject
  ☆188Updated last year
• kleiton0x00 / RemoteShellcodeExec
  Execute shellcode from a remote-hosted bin file using Winhttp.
  ☆234Updated 2 years ago