es3n1n / no-defender

Related projects: ⓘ

• ynwarcs / CVE-2024-38063
  poc for CVE-2024-38063 (RCE in tcpip.sys)
  ☆574Updated 3 weeks ago
• hasherezade / pe-bear
  Portable Executable reversing tool with a friendly GUI
  ☆2,660Updated this week
• Meckazin / ChromeKatz
  Dump cookies and credentials directly from Chrome/Edge process memory
  ☆902Updated last week
• EgeBalci / sgn
  Shikata ga nai (仕方がない) encoder ported into go with several improvements
  ☆1,429Updated 6 months ago
• lab52io / StopDefender
  Stop Windows Defender programmatically
  ☆946Updated last year
• Yaxser / Backstab
  A tool to kill antimalware protected processes
  ☆1,370Updated 3 years ago
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆504Updated last week
• weak1337 / Alcatraz
  x64 binary obfuscator
  ☆1,659Updated last year
• TheWover / donut
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆3,502Updated last week
• hasherezade / pe_to_shellcode
  Converts PE into a shellcode
  ☆2,337Updated last year
• Notselwyn / CVE-2024-1086
  Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, in…
  ☆2,241Updated 5 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆912Updated 9 months ago
• hasherezade / exe_to_dll
  Converts a EXE into DLL
  ☆1,255Updated last year
• Idov31 / Nidhogg
  Nidhogg is an all-in-one simple to use rootkit.
  ☆1,717Updated 5 months ago
• matterpreter / DefenderCheck
  Identifies the bytes that Microsoft Defender flags on.
  ☆2,260Updated last year
• netero1010 / EDRSilencer
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,066Updated 2 months ago
• YuriiCrimson / ExploitGSM
  Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
  ☆831Updated 5 months ago
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆981Updated last week
• fiddyschmitt / File-Tunnel
  Tunnel TCP connections through a file
  ☆854Updated this week
• aahmad097 / AlternativeShellcodeExec
  Alternative Shellcode Execution Via Callbacks
  ☆1,412Updated last year
• secretsquirrel / SigThief
  Stealing Signatures and Making One Invalid Signature at a Time
  ☆2,078Updated 3 years ago
• lem0nSec / ShellGhost
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,137Updated 11 months ago
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆1,998Updated last week
• matro7sh / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆2,296Updated 9 months ago
• ZeroMemoryEx / Blackout
  kill anti-malware protected processes ( BYOVD) (Microsoft Won )
  ☆873Updated last year
• matthieu-hackwitharts / Win32_Offensive_Cheatsheet
  Win32 and Kernel abusing techniques for pentesters
  ☆909Updated last year
• hfiref0x / UACME
  Defeating Windows User Account Control
  ☆6,264Updated last month
• WKL-Sec / HiddenDesktop
  HVNC for Cobalt Strike
  ☆1,146Updated 9 months ago
• Accenture / Spartacus
  Spartacus DLL/COM Hijacking Toolkit
  ☆976Updated 7 months ago
• hasherezade / pe-sieve
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,034Updated last week