Alternatives and similar repositories for bypassing-av-detection

Users that are interested in bypassing-av-detection are comparing it to the libraries listed below

• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆57Updated 9 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆83Updated last year
• VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low
  Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…
  ☆133Updated 2 years ago
• reveng007 / ReflectiveNtdll
  A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…
  ☆169Updated 2 years ago
• senzee1984 / Windows_x64_Tcp_Reverse_Shell_Shellcode
  Null-free shellcode for TCP reverse shell on Windows x64
  ☆56Updated last year
• securifybv / BOFRyptor
  ☆124Updated last year
• LloydLabs / shellcode-plain-sight
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆205Updated 2 years ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆153Updated last year
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆77Updated last year
• lem0nSec / KBlast
  Windows Kernel Offensive Toolset
  ☆124Updated 9 months ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆110Updated 10 months ago
• DamonMohammadbagher / NativePayload_PE1
  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…
  ☆60Updated 2 years ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆231Updated 11 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆66Updated last month
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆227Updated 5 months ago
• safedv / Rustic64Shell
  A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.
  ☆63Updated last month
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆120Updated 6 months ago
• xalicex / LOLDrivers_finder
  ☆85Updated last year
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated 7 months ago
• SaadAhla / PE-Obfuscator
  PE obfuscator with Evasion in mind
  ☆212Updated 2 years ago
• ProcessusT / UnhookingDLL
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆70Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆185Updated last year
• cr7pt0pl4gu3 / Pestilence
  Shellcode loader designed for evasion. Coded in Rust.
  ☆129Updated 2 years ago
• souzomain / Shaco
  Shaco is a linux agent for havoc
  ☆161Updated last year
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆89Updated 11 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Updated last year
• x42en / sysplant
  Your syscall factory
  ☆123Updated last week
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆231Updated 2 years ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆331Updated 2 years ago
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆55Updated 2 years ago