Alternatives and similar repositories for Project-winEvasion-Redteam

Users that are interested in Project-winEvasion-Redteam are comparing it to the libraries listed below

• aaaddress1 / ntkrnlProtectScan
  One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel
  ☆43Updated 2 years ago
• Quasar-Continuation / Cosmali
  ☆18Updated 2 months ago
• gemini-security / GithubC2
  ☆27Updated 2 years ago
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆52Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆25Updated 8 months ago
• Blazz3 / MalDev-AV-EDR-Evasion-for-Pentesters
  MalDev & AV-EDR Evasion for Pentesters
  ☆17Updated 2 years ago
• Fadi002 / MalwareInvestigation
  reverse engineering random malwares
  ☆22Updated 10 months ago
• ricardojoserf / SharpObfuscate
  Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
  ☆22Updated last year
• S12cybersecurity / NinjaInjector
  Classic Process Injection with Memory Evasion Techniques implemantation
  ☆72Updated 2 years ago
• 0xJs / EnumMitigations
  Reports on Driver, LSASS and other security services mitigations
  ☆33Updated 4 months ago
• lsecqt / BSides-2024-Malware-Development-101-From-Zero-to-Non-Hero
  ☆43Updated last year
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆30Updated last year
• Ephrimgnanam / Worms
  This is a collection of Worms for educational purposes
  ☆33Updated 5 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆42Updated last year
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆19Updated 2 years ago
• splexas / TrampHooker
  A mechanism that trampoline hooks functions in x86/x64 systems.
  ☆21Updated last year
• crvvdev / cpp-ransomware
  C\C++ Ransomware example using RSA and AES-128 with BCrypt library on Windows
  ☆19Updated 2 years ago
• HulkOperator / AuthStager
  ☆59Updated last year
• EvilBytecode / Detecting-Indirect-Syscalls
  Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.
  ☆50Updated 2 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆58Updated 2 years ago
• 7eRoM / tutorials
  ☆17Updated 7 months ago
• AdvDebug / BehavEye
  Advanced dynamic malware analysis tool.
  ☆82Updated last year
• SaadAhla / HadesLdr
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆13Updated 2 years ago
• bgarciaoliveira / InjectHook
  A lightweight C++ library designed for function interception within injected DLLs, providing a streamlined approach to modifying applicat…
  ☆39Updated 2 years ago
• 0xTriboulet / T-1
  T-1 is a shellcode loader that leverages ML techniques to detect VM environments
  ☆35Updated last year
• 0x11DFE / file-unpumper
  Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.
  ☆29Updated 8 months ago
• soheilsec / RT-workshop-2024
  فایل ها و فیلم های ورکشاپ ردتیم 2024 با هانت لرن
  ☆32Updated last year
• zero2504 / Shadow-Rebirth
  Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
  ☆14Updated last year
• C5Hackr / ARM64_AmsiPatch
  ☆21Updated 7 months ago
• EvilBytecode / Powershell-Persistance
  Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…
  ☆11Updated 8 months ago