scrt / avdebuggerLinks
☆102Updated 3 years ago
Alternatives and similar repositories for avdebugger
Users that are interested in avdebugger are comparing it to the libraries listed below
Sorting:
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆124Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆128Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆130Updated 2 years ago
- ☆167Updated 3 years ago
- A Poc on blocking Procmon from monitoring network events☆107Updated 2 months ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- ☆147Updated 3 years ago
- ☆118Updated 2 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆161Updated 4 years ago
- Experiment on reproducing Obfuscate & Sleep☆152Updated 4 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆72Updated 3 years ago
- ☆150Updated 2 years ago
- ☆113Updated 3 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆64Updated 2 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Updated 3 years ago
- It's pointy and it hurts!☆126Updated 3 years ago
- Exploring in-memory execution of .NET☆139Updated 3 years ago
- ☆137Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated 6 months ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆106Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆104Updated 4 years ago
- Detect strange memory regions and DLLs☆182Updated 3 years ago
- ☆50Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆157Updated 4 years ago
- A fake AMSI Provider which can be used for persistence.☆152Updated 4 years ago
- Identify and exploit leaked handles for local privilege escalation.☆110Updated 2 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆100Updated 3 years ago
- ☆82Updated 3 years ago
- The code is a pingback to the Dark Vortex blog:☆180Updated 2 years ago
- Simple windows rpc server for research purposes only☆83Updated 3 years ago