hackerhouse-opensource / MarbleLinks
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
☆299Updated last year
Alternatives and similar repositories for Marble
Users that are interested in Marble are comparing it to the libraries listed below
Sorting:
- ☆356Updated last year
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆320Updated last month
- Offensive Lua.☆188Updated last year
- Analyse your malware to surgically obfuscate it☆477Updated 3 weeks ago
- ☆189Updated last year
- Patching "signtool.exe" to accept expired certificates for code-signing.☆282Updated 11 months ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆135Updated last year
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆381Updated last month
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆176Updated last year
- Performing Indirect Clean Syscalls☆562Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆379Updated 10 months ago
- ☆303Updated 7 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆693Updated 3 months ago
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…☆293Updated last year
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆308Updated 10 months ago
- Self-spreading Java malware targeting Minecraft servers. Infected servers are capable of scanning for other vulnerable servers, encryptin…☆120Updated 6 months ago
- A delicious, but malicious SSL-VPN server 🌮☆233Updated 2 weeks ago
- Amsi Bypass payload that works on Windwos 11☆378Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆260Updated last year
- Generate an obfuscated DLL that will disable AMSI & ETW☆327Updated 11 months ago
- My collection of malware dev links☆275Updated 2 weeks ago
- Venom is a library that meant to perform evasive communication using stolen browser socket☆383Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆523Updated last year
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆285Updated 2 months ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆482Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆531Updated last year
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆370Updated 8 months ago
- AV/EDR Lab environment setup references to help in Malware development☆388Updated 4 months ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆447Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆314Updated last year