es3n1n / no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
☆1,856 · Updated 3 months ago
Related projects:
- poc for CVE-2024-38063 (RCE in tcpip.sys) ☆574 · Updated 3 weeks ago
- Portable Executable reversing tool with a friendly GUI ☆2,660 · Updated this week
- Dump cookies and credentials directly from Chrome/Edge process memory ☆902 · Updated last week
- Shikata ga nai (仕方がない) encoder ported into go with several improvements ☆1,429 · Updated 6 months ago
- Stop Windows Defender programmatically ☆946 · Updated last year
- A tool to kill antimalware protected processes ☆1,370 · Updated 3 years ago
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities ☆504 · Updated last week
- x64 binary obfuscator ☆1,659 · Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem… ☆3,502 · Updated last week
- Converts PE into a shellcode ☆2,337 · Updated last year
- Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, in… ☆2,241 · Updated 5 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools ☆912 · Updated 9 months ago
- Converts a EXE into DLL ☆1,255 · Updated last year
- Nidhogg is an all-in-one simple to use rootkit. ☆1,717 · Updated 5 months ago
- Identifies the bytes that Microsoft Defender flags on. ☆2,260 · Updated last year
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the … ☆1,066 · Updated 2 months ago
- Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5 ☆831 · Updated 5 months ago
- Living Off The Land Drivers ☆981 · Updated last week
- Tunnel TCP connections through a file ☆854 · Updated this week
- Alternative Shellcode Execution Via Callbacks ☆1,412 · Updated last year
- Stealing Signatures and Making One Invalid Signature at a Time ☆2,078 · Updated 3 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆1,137 · Updated 11 months ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆1,998 · Updated last week
- This map lists the essential techniques to bypass anti-virus and EDR ☆2,296 · Updated 9 months ago
- kill anti-malware protected processes ( BYOVD) (Microsoft Won ) ☆873 · Updated last year
- Win32 and Kernel abusing techniques for pentesters ☆909 · Updated last year
- Defeating Windows User Account Control ☆6,264 · Updated last month
- HVNC for Cobalt Strike ☆1,146 · Updated 9 months ago
- Spartacus DLL/COM Hijacking Toolkit ☆976 · Updated 7 months ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,034 · Updated last week