efchatz / bypassing-av-detection
Bypassing antivirus detection: old-school malware, new tricks
☆50, updated last year
Related projects
Alternatives and complementary repositories for bypassing-av-detection
- Shaco is a Linux agent for Havoc ☆145, updated last year
- Create Anti-Copy DRM Malware ☆42, updated 2 months ago
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low… ☆128, updated last year
- (Demo) 3rd party agent for Havoc ☆128, updated last year
- Shellcode loader designed for evasion. Coded in Rust. ☆107, updated last year
- Terminate AV/EDR leveraging BYOVD attack ☆77, updated last year
- Do some DLL SideLoading magic ☆74, updated last year
- Stealthily inject shellcode into an executable ☆55, updated last month
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (… ☆165, updated last year
- ApexLdr is a DLL Payload Loader written in C ☆104, updated 3 months ago
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… ☆57, updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader ☆84, updated 8 months ago
- AV bypass while you sip your Chai! ☆206, updated 5 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking ☆215, updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog … ☆78, updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM". ☆75, updated last year
- Evasive Golang Loader ☆130, updated 3 months ago
- .NET assembly loader with patchless AMSI and ETW bypass ☆276, updated last year
- Execute shellcode files with rundll32 ☆181, updated 9 months ago
- Generate Shellcode Loaders & Injects ☆152, updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp. ☆224, updated last year
- 「💀」Proof of concept on BYOVD attack ☆148, updated 8 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution ☆136, updated 2 weeks ago
- Template-based generation of shellcode loaders ☆66, updated 6 months ago
- Patching AmsiOpenSession by forcing an error branching ☆143, updated last year