hackerhouse-opensource / Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
☆292Updated last year
Alternatives and similar repositories for Marble:
Users that are interested in Marble are comparing it to the libraries listed below
- Analyse your malware to surgically obfuscate it☆456Updated 3 weeks ago
- Offensive Lua.☆180Updated last year
- ☆342Updated last year
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆261Updated this week
- ☆297Updated 4 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆655Updated last week
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆175Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆255Updated 9 months ago
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆367Updated 3 months ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆350Updated 6 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing.☆276Updated 8 months ago
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆309Updated last month
- ☆186Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆335Updated last month
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆423Updated last year
- Performing Indirect Clean Syscalls☆521Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆308Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆514Updated last year
- ☆254Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆512Updated 9 months ago
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning …☆271Updated last year
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆134Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆319Updated 8 months ago
- ☆274Updated last year
- A delicious, but malicious SSL-VPN server 🌮☆215Updated 3 months ago
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆364Updated 5 months ago
- Wordlist to crack .zip-file password☆200Updated 2 years ago
- My collection of malware dev links☆260Updated 6 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆158Updated last month
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆307Updated 7 months ago