efchatz / bypassing-av-detectionLinks
Bypassing antivirus detection: old-school malware, new tricks
☆62Updated 2 years ago
Alternatives and similar repositories for bypassing-av-detection
Users that are interested in bypassing-av-detection are comparing it to the libraries listed below
Sorting:
- Create Anti-Copy DRM Malware☆58Updated 10 months ago
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…☆39Updated last year
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆172Updated 2 years ago
- Windows Kernel Offensive Toolset☆124Updated last week
- Do some DLL SideLoading magic☆84Updated last year
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆60Updated 2 years ago
- ApexLdr is a DLL Payload Loader written in C☆111Updated 11 months ago
- Shellcode loader designed for evasion. Coded in Rust.☆130Updated 2 years ago
- ☆86Updated last year
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆182Updated 3 weeks ago
- Template-based generation of shellcode loaders☆77Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆189Updated last year
- Kernel Mode Driver for Elevating Process Privileges☆133Updated 2 years ago
- Malware?☆70Updated 8 months ago
- random code snippets, useful for getting started☆120Updated 7 months ago
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆155Updated last year
- Shaco is a linux agent for havoc☆165Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆69Updated 2 months ago
- Evasive Golang Loader☆131Updated 11 months ago
- Reflective DLL Injection Made Bella☆228Updated 5 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆121Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆70Updated last year
- Null-free shellcode for TCP reverse shell on Windows x64☆57Updated last year
- PE obfuscator with Evasion in mind☆212Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆334Updated 2 years ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated last year
- Generate Shellcode Loaders & Injects☆156Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆205Updated 2 years ago
- ☆188Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆234Updated 2 years ago