A slightly more fun way to disable windows defender
☆52May 4, 2025Updated 10 months ago
Alternatives and similar repositories for anti_defender
Users that are interested in anti_defender are comparing it to the libraries listed below
Sorting:
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆51May 5, 2025Updated 10 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 10 months ago
- Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…☆59Oct 10, 2025Updated 4 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆27May 13, 2025Updated 9 months ago
- A 64 bit executable junk code engine for polymorphic malware.☆76Jun 16, 2025Updated 8 months ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆138Apr 6, 2025Updated 10 months ago
- Collection of red team techniques.☆67Apr 25, 2025Updated 10 months ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆116Oct 30, 2025Updated 4 months ago
- A mutliple tactics to execute shellcode in go :}☆23Apr 21, 2025Updated 10 months ago
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits☆24Oct 20, 2025Updated 4 months ago
- A tunneling toolkit enabling operators to move data from one place to another evasively.☆77Nov 3, 2025Updated 4 months ago
- ATL.dll and WmiMgmt.msc UAC Bypass☆12Apr 26, 2025Updated 10 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 6 months ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆93Apr 23, 2025Updated 10 months ago
- A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique☆27Nov 11, 2022Updated 3 years ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62May 16, 2025Updated 9 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Obex – Blocking unwanted DLLs in user mode☆282Sep 18, 2025Updated 5 months ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerSh…☆14Jun 2, 2024Updated last year
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- A lightweight Python 3 Nmap wrapper that doesn't try too hard. Gracefully handles any Nmap command, providing access to all output types …☆16Jan 13, 2022Updated 4 years ago
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- ☆16Jun 15, 2025Updated 8 months ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆65Mar 1, 2025Updated last year
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆12Apr 21, 2025Updated 10 months ago
- bash script to prepare Debian machines for OSINT use☆11Apr 10, 2020Updated 5 years ago
- ☆13Apr 8, 2022Updated 3 years ago
- ☆12Aug 25, 2023Updated 2 years ago
- ☆37Nov 8, 2024Updated last year