☆106May 15, 2023Updated 2 years ago
Alternatives and similar repositories for Evasion
Users that are interested in Evasion are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆189Apr 19, 2023Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Weaponized HellsGate/SigFlip☆204Jun 7, 2023Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆154Aug 2, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- Threadless Process Injection using remote function hooking.☆810Sep 4, 2024Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆721Jul 19, 2023Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆313Aug 2, 2023Updated 2 years ago
- A RunAs clone with the ability to specify the password as an argument.☆112Jul 2, 2023Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Using fibers to run in-memory code.☆243Oct 19, 2023Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆239Jun 22, 2023Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Native Syscalls Shellcode Injector☆268Jul 2, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆174Mar 15, 2023Updated 3 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆387Jul 30, 2024Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- ☆111Feb 17, 2025Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- ☆91Jul 18, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆321Aug 2, 2023Updated 2 years ago
- Lifetime AMSI bypass☆672Sep 26, 2023Updated 2 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- indirect syscalls for AV/EDR evasion in Go assembly☆377Jun 13, 2023Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆135Jan 2, 2023Updated 3 years ago
- Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap☆246Aug 2, 2023Updated 2 years ago
- ☆48Feb 11, 2023Updated 3 years ago
- EDRSandblast-GodFault☆271Aug 28, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Go shellcode loader that combines multiple evasion techniques☆388Jun 21, 2023Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆73Nov 4, 2025Updated 4 months ago
- Documents Exfiltration project for fun and educational purposes☆144Oct 10, 2023Updated 2 years ago
- Ethical Remote Acces Tool Client and Server for W10 and Linux Persist functionality☆50Feb 12, 2023Updated 3 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆286Jun 8, 2023Updated 2 years ago
- RDPCredentialStealer it's an implant that steal credentials provided by users in RDP using API Hooking with Detours in C++☆265Mar 11, 2026Updated 2 weeks ago
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios.☆765Jan 26, 2025Updated last year