Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
☆744Aug 18, 2023Updated 2 years ago
Alternatives and similar repositories for Ivy
Users that are interested in Ivy are comparing it to the libraries listed below
Sorting:
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,880Aug 18, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,008Jun 4, 2024Updated last year
- KaynLdr is a Reflective Loader written in C/ASM☆553Dec 3, 2023Updated 2 years ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,403Nov 22, 2023Updated 2 years ago
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,199Apr 16, 2025Updated 11 months ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆1,112Jun 10, 2024Updated last year
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,501Dec 21, 2023Updated 2 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆500Feb 3, 2022Updated 4 years ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,374Oct 27, 2023Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- Template-Driven AV/EDR Evasion Framework☆1,786Nov 3, 2023Updated 2 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,472Aug 18, 2023Updated 2 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆772Sep 4, 2024Updated last year
- Remote operations commands implemented using Beacon Object Files☆1,139Mar 5, 2026Updated 2 weeks ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,634Aug 6, 2022Updated 3 years ago
- ☆1,793Aug 30, 2024Updated last year
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆338Jan 16, 2022Updated 4 years ago
- ☆207Feb 24, 2022Updated 4 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆384Apr 16, 2022Updated 3 years ago
- The swiss army knife of LSASS dumping☆2,081Sep 17, 2024Updated last year
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,229Aug 18, 2023Updated 2 years ago
- Framework for Kerberos relaying☆938May 29, 2022Updated 3 years ago
- Nim-based assembly packer and shellcode loader for opsec & profit☆488Feb 24, 2023Updated 3 years ago
- ☆538Nov 20, 2021Updated 4 years ago
- Open-Source Shellcode & PE Packer☆2,080Feb 3, 2024Updated 2 years ago
- ☆2,173Feb 21, 2023Updated 3 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- Convert shellcode into different formats!☆357Jan 24, 2023Updated 3 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆1,092Jul 26, 2021Updated 4 years ago
- .NET, PE, & Raw Shellcode Packer/Loader Written in Nim☆817Jan 20, 2023Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆430Jul 22, 2022Updated 3 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆824Aug 23, 2021Updated 4 years ago
- SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature…☆1,260Aug 27, 2023Updated 2 years ago
- A tool to kill antimalware protected processes☆1,506Jun 19, 2021Updated 4 years ago