Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
☆14Sep 30, 2022Updated 3 years ago
Alternatives and similar repositories for Freeze-Common
Users that are interested in Freeze-Common are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 5 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Process injection techniques written in Go.☆65Jul 1, 2023Updated 2 years ago
- Goal Go Red-Team 工具类☆44Jan 15, 2025Updated last year
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- Weaponizing for privileged file writes bugs with PrintNotify Service☆136May 17, 2022Updated 3 years ago
- ☆23Aug 31, 2022Updated 3 years ago
- ☆14Sep 2, 2021Updated 4 years ago
- Iterate over Windows Handles☆15Nov 18, 2025Updated 4 months ago
- ☆17Aug 25, 2022Updated 3 years ago
- Dirfuzz by golang☆15Feb 28, 2023Updated 3 years ago
- 扫描CobaltStrike的恶意IP☆31Apr 6, 2022Updated 3 years ago
- 基于wappalyzer指纹库、chromedp框架对网站进行指纹识别☆13Mar 17, 2025Updated last year
- post exploitation user monitoring tool☆20Jul 3, 2018Updated 7 years ago
- windows API to hide console window by golang☆35Dec 20, 2021Updated 4 years ago
- Thanks to @d35ha☆13Aug 16, 2021Updated 4 years ago
- ☆30Mar 21, 2023Updated 3 years ago
- 利用NTLM Hash读取Exchange邮件☆58May 13, 2023Updated 2 years ago
- Malice Windows Defender AntiVirus Plugin☆40Mar 7, 2023Updated 3 years ago
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆19Jan 3, 2022Updated 4 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆89Jul 7, 2022Updated 3 years ago
- 杂 物 收 纳☆15Aug 4, 2023Updated 2 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- ☆44Oct 9, 2023Updated 2 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- golang implementation of Syswhisper2/Syswhisper3☆23Mar 23, 2022Updated 4 years ago
- 无影脚 - 命令行下的日志文件处理工具☆50Nov 15, 2022Updated 3 years ago
- ☆42May 14, 2024Updated last year
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago