BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
☆21Feb 8, 2024Updated 2 years ago
Alternatives and similar repositories for BadExclusions
Users that are interested in BadExclusions are comparing it to the libraries listed below
Sorting:
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Feb 9, 2024Updated 2 years ago
- HTML Smuggling with Web Assembly☆66Feb 20, 2024Updated 2 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆43Apr 14, 2024Updated last year
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- Ludus role for deploying a Mythic Teamserver onto Linux servers☆23Mar 16, 2025Updated 11 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆110Mar 25, 2024Updated last year
- ☆31Jul 26, 2024Updated last year
- Transparently call NTAPI via Halo's Gate with indirect syscalls.☆15Apr 26, 2024Updated last year
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- SATO is a PowerShell tool focuses on providing flexible, multi-grant type support for obtaining, managing, and analyzing Azure tokens.☆22Nov 24, 2025Updated 3 months ago
- ☆18Feb 29, 2024Updated 2 years ago
- ☆121Nov 21, 2024Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 8 months ago
- string encryption in Nim☆20Jun 15, 2024Updated last year
- ☆14Oct 25, 2019Updated 6 years ago
- SAM Dumping in C#☆54Nov 27, 2025Updated 3 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- ☆101Oct 7, 2023Updated 2 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆15Nov 16, 2023Updated 2 years ago
- find dll base addresses without PEB WALK☆160Jul 13, 2025Updated 7 months ago
- ☆40Oct 8, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- ☆50Jun 4, 2025Updated 9 months ago
- Click Once + App Domain☆64Feb 23, 2026Updated last week