unkvolism / Fuck-Etw
Bypass the Event Trace Windows(ETW) and unhook ntdll.
☆102Updated last year
Alternatives and similar repositories for Fuck-Etw:
Users that are interested in Fuck-Etw are comparing it to the libraries listed below
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆82Updated last year
- Encodes a payload within a generated mock-CSS file☆59Updated last year
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- Lateral Movement via the .NET Profiler☆81Updated 5 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆155Updated last month
- ☆106Updated 2 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Create Anti-Copy DRM Malware☆55Updated 8 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated this week
- Lateral Movement☆122Updated last year
- ☆180Updated last year
- ☆54Updated 6 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆60Updated this week
- ☆116Updated last month
- Stage 0☆156Updated 4 months ago
- Local & remote Windows DLL Proxying☆164Updated 10 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆101Updated last year
- Do some DLL SideLoading magic☆84Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆120Updated 6 months ago
- ☆122Updated last year
- ☆105Updated last month
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated 11 months ago
- .bin file to shellcode convertor☆34Updated 9 months ago
- Terminate AV/EDR leveraging BYOVD attack☆83Updated last month
- Find DLLs with RWX section☆79Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆89Updated 10 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆119Updated 2 years ago