mranv / adPentest

Related projects: ⓘ

• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆26Updated 5 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 6 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆43Updated 4 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆52Updated last month
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆59Updated 3 months ago
• vulnableone / BypassX
  The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.
  ☆23Updated 6 months ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆38Updated 2 months ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆31Updated 2 months ago
• SaadAhla / VT-stealer
  VirusTotal Stealer is a DATA Exfiltration tool that exfitrate office documents and tunnel them over VirusTotal API to the Team Server
  ☆62Updated 11 months ago
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆99Updated last week
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 2 months ago
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆23Updated 4 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated last month
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆51Updated last month
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆79Updated 2 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆75Updated 6 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆104Updated 4 months ago
• deepinstinct / ShimMe
  ☆121Updated last month
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆53Updated last year
• decoder-it / RelabelAbuse
  ☆58Updated 3 months ago
• SilverPlate3 / GoodKit
  Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity
  ☆33Updated 4 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆63Updated 5 months ago
• xforcered / VectoredExceptionHandling
  ☆21Updated last month
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆72Updated last month
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆23Updated 6 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆106Updated last month
• RtlDallas / vs-shellcode
  ☆55Updated this week
• ZERODETECTION / MSC_Dropper
  ☆119Updated last month
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated last year
• c2pain / RustPatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass in Rust
  ☆19Updated last month