hackerhouse-opensource / Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
☆291Updated last year
Alternatives and similar repositories for Marble
Users that are interested in Marble are comparing it to the libraries listed below
Sorting:
- ☆187Updated last year
- ☆352Updated last year
- Analyse your malware to surgically obfuscate it☆467Updated 2 months ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆377Updated 9 months ago
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆377Updated 5 months ago
- Offensive Lua.☆184Updated last year
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆173Updated last year
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆274Updated last month
- ☆301Updated 6 months ago
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆317Updated 3 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing.☆277Updated 9 months ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆310Updated 8 months ago
- ☆256Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆321Updated 10 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆679Updated 2 months ago
- A delicious, but malicious SSL-VPN server 🌮☆219Updated 5 months ago
- Win32 Shellcode CheatSheet: Your visual guide for crafting and understanding shellcode. Ideal for malware, and exploit developers☆58Updated 8 months ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆308Updated 7 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆311Updated last year
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Updated 8 months ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆134Updated last year
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆438Updated last year
- Venom is a library that meant to perform evasive communication using stolen browser socket☆382Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆258Updated 11 months ago
- Native Syscalls Shellcode Injector☆266Updated last year
- AV/EDR Lab environment setup references to help in Malware development☆380Updated 2 months ago
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…☆291Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆162Updated last month
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆515Updated 11 months ago
- Nuke It From Orbit - remove AV/EDR with physical access☆258Updated 5 months ago