itaymigdal / awesome-injection
Centralized resource for listing and organizing known injection techniques and POCs
☆441, updated this week
Alternatives and similar repositories for awesome-injection:
Users interested in awesome-injection are comparing it to the repositories listed below.
- Analyse your malware to surgically obfuscate it (☆464, updated last month)
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t… (☆373, updated 4 months ago)
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … (☆671, updated last month)
- AV/EDR Lab environment setup references to help in Malware development (☆374, updated 2 months ago)
- Simulate the behavior of AV/EDR for malware development training. (☆519, updated last year)
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… (☆514, updated 10 months ago)
- Performing Indirect Clean Syscalls (☆535, updated 2 years ago)
- HookChain: A new perspective for Bypassing EDR Solutions (☆514, updated 3 months ago)
- Open Source C&C Specification (☆243, updated last month)
- PoCs for Kernelmode rootkit techniques research. (☆365, updated 3 months ago)
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary. (☆491, updated 2 years ago)
- Collect Windows telemetry for Maldev (☆340, updated 2 months ago)
- Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists (☆433, updated last year)
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning … (☆270, updated last year)
- Because AV evasion should be easy. (☆688, updated 4 months ago)
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low". (☆656, updated last year)
- TartarusGate, Bypassing EDRs (☆580, updated 3 years ago)
- Automated DLL Sideloading Tool With EDR Evasion Capabilities (☆469, updated last year)
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. (☆401, updated 9 months ago)
- Extract and execute a PE embedded within a PNG file using an LNK file. (☆404, updated 5 months ago)
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer (☆488, updated last year)
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. (☆335, updated 2 months ago)
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp… (☆303, updated 6 months ago)
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry (☆403, updated 8 months ago)
- My collection of malware dev links (☆262, updated 7 months ago)
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. (☆532, updated last month)
- Materials for the workshop "Red Team Ops: Havoc 101" (☆373, updated 6 months ago)