efchatz / bypassing-av-detection
Bypassing antivirus detection: old-school malware, new tricks
☆60 · Updated last year
Alternatives and similar repositories for bypassing-av-detection:
Users that are interested in bypassing-av-detection are comparing it to the libraries listed below
- Create Anti-Copy DRM Malware ☆55 · Updated 8 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆89 · Updated 10 months ago
- A proof of concept for abusing exception handlers to hook and bypass user-mode EDR hooks. ☆185 · Updated last year
- Small project looking into how we can build malware with zero imports by dynamically resolving Windows APIs using GetProcAddress and GetM… ☆38 · Updated last year
- Shellcode loader designed for evasion. Coded in Rust. ☆128 · Updated 2 years ago
- Evasive Golang Loader ☆131 · Updated 9 months ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL unhooking followed by loading ntdll in-memory, which is present as shellcode (… ☆170 · Updated 2 years ago
- ApexLdr is a DLL Payload Loader written in C ☆108 · Updated 9 months ago
- Do some DLL SideLoading magic ☆85 · Updated last year
- Windows Kernel Offensive Toolset ☆120 · Updated 7 months ago
- This is a way to load a shellcode and obfuscate it so it avoids scan-time detection. ☆60 · Updated this week
- Rex Shellcode Loader for AV/EDR evasion ☆31 · Updated last year
- Call Stack Spoofing for Rust with #[no_std] support ☆83 · Updated this week
- Reflectively load and execute PEs locally and remotely, bypassing EDR hooks ☆150 · Updated last year
- Construct the payload at runtime using an array of offsets ☆63 · Updated 10 months ago
- Shaco is a Linux agent for Havoc ☆160 · Updated last year
- Template-based generation of shellcode loaders ☆77 · Updated last year
- Random code snippets, useful for getting started ☆120 · Updated 5 months ago
- 「💀」Proof of concept of a BYOVD attack ☆158 · Updated 4 months ago
- Yet another C++ Cobalt Strike beacon dropper with compile-time API hashing and custom indirect syscall execution ☆175 · Updated last year
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… ☆117 · Updated 3 months ago
- This project is an implant framework designed for long-term persistent access to Windows machines. ☆110 · Updated last year
- Indirect syscall implementation to bypass userland NTAPI hooking. ☆74 · Updated 8 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with patchless AMSI and ETW bypass features, with dual-bui… ☆205 · Updated 2 months ago
- Generic PE loader for fast prototyping of evasion techniques ☆230 · Updated 9 months ago
- A set of programs for analyzing common vulnerabilities in COM ☆210 · Updated 7 months ago
- Terminate AV/EDR leveraging a BYOVD attack ☆83 · Updated last month
- A PowerShell AMSI bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… ☆160 · Updated 10 months ago
- NativePayload_PE1/PE2, injecting Meterpreter payload bytes into a local process via a delegation technique + in-memory with delay, changing R… ☆58 · Updated last year
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. ☆144 · Updated last month