r0keb/TrashFormer external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

r0keb/TrashFormer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/r0keb/TrashFormer)

Close

r0keb / TrashFormerView on GitHubMore

• External links
• Readme badge

A 64 bit executable junk code engine for polymorphic malware.

☆78Jun 16, 2025Updated 11 months ago

Alternatives and similar repositories for TrashFormer

Users that are interested in TrashFormer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• r0keb / MunIntel

  View on GitHub
  kASLR bypass technique on Intel CPUs.
  ☆34May 18, 2025Updated last year
• almounah / hardwareturningpoint

  View on GitHub
  HardwareTurningPoint, Fully Go Compatible Hardware Breakpoint
  ☆16Jan 30, 2025Updated last year
• passthehashbrowns / Being-A-Good-CLR-Host

  View on GitHub
  ☆103Jan 21, 2025Updated last year
• patrickt2017 / VEHNetLoader

  View on GitHub
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Jul 6, 2025Updated 10 months ago
• C5Hackr / ARM64_AmsiPatch

  View on GitHub
  ☆20Jan 8, 2026Updated 4 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• HulkOperator / Spoof-RetAddr

  View on GitHub
  ☆37Nov 8, 2024Updated last year
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• electroglyph / anti_defender

  View on GitHub
  A slightly more fun way to disable windows defender
  ☆52May 4, 2025Updated last year
• FatRodzianko / Get-Writable

  View on GitHub
  Find world writable directories that contain a .exe or .dll file
  ☆13Aug 31, 2021Updated 4 years ago
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆210Dec 25, 2024Updated last year
• susMdT / ForsHops

  View on GitHub
  ForsHops
  ☆60Mar 25, 2025Updated last year
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆204Jun 17, 2025Updated 11 months ago
• amberchalia / fraction_loader

  View on GitHub
  ☆50Oct 14, 2025Updated 7 months ago
• githubesson / chrome_abe_poc

  View on GitHub
  golang decryption poc of the new app bound encryption introduced in chrome version 127.
  ☆22Nov 4, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• zero2504 / Shadow-Rebirth

  View on GitHub
  Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
  ☆21Dec 3, 2024Updated last year
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆105Nov 7, 2025Updated 6 months ago
• lleon1435 / birdnet-poc

  View on GitHub
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Jul 9, 2023Updated 2 years ago
• C5Hackr / Segment-Encryption

  View on GitHub
  ☆32Oct 19, 2024Updated last year
• vvswift / Bypass-Protection0x00

  View on GitHub
  EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
  ☆70Nov 17, 2025Updated 6 months ago
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆16Jun 18, 2022Updated 3 years ago
• ProcessusT / SharpVenoma

  View on GitHub
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆51Apr 22, 2024Updated 2 years ago
• dreadnode / lolmil

  View on GitHub
  ☆41Oct 16, 2025Updated 7 months ago
• internetangel / OffensiveD

  View on GitHub
  Utilizing DLang For Offensive Operations.
  ☆15May 29, 2025Updated 11 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆65Jun 23, 2025Updated 11 months ago
• KingKDot / PowerCrypt

  View on GitHub
  The best powershell obfuscator ever made
  ☆131Aug 1, 2025Updated 9 months ago
• ShorterKing / Chrome-Passwords-decrypt

  View on GitHub
  This script will not work with the latest version of chrome
  ☆17May 11, 2025Updated last year
• GetRektBoy724 / Breaking-Detecting-Direct-Syscall-Techniques

  View on GitHub
  A repository filled with ideas to break/detect direct syscall techniques
  ☆26Apr 21, 2022Updated 4 years ago
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆268Oct 16, 2024Updated last year
• pwardle / ReflectiveLoader

  View on GitHub
  A Reflective Loader for macOS
  ☆149Jul 20, 2025Updated 10 months ago
• redskal / obfuscatxor

  View on GitHub
  Near compile-time string obfuscation for Golang
  ☆13Oct 3, 2023Updated 2 years ago
• 0xPrimo / KMDllInjector

  View on GitHub
  kernel-mode DLL Injector
  ☆139Apr 25, 2026Updated last month
• jc-ryan / holistic_automated_red_teaming

  View on GitHub
  [EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction
  ☆17Nov 9, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆216Jan 30, 2025Updated last year
• s4dbrd / ETWReader

  View on GitHub
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆19Jun 29, 2024Updated last year
• trickster0 / LdrLoadDll-Unhooking

  View on GitHub
  LdrLoadDll Unhooking
  ☆133Jan 16, 2022Updated 4 years ago
• Real-Cryillic / Sarla

  View on GitHub
  It's what all the kids are talking about
  ☆12Apr 25, 2023Updated 3 years ago
• WKL-Sec / LayeredSyscall

  View on GitHub
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆306Jul 31, 2024Updated last year
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆211Nov 12, 2025Updated 6 months ago
• V-i-x-x / kernel-callback-removal

  View on GitHub
  kernel callback removal (Bypassing EDR Detections)
  ☆220Nov 14, 2025Updated 6 months ago