vvelitkn / Evasion-Escaper
Evasion Escaper is a project that defeats the checks malicious software performs to detect whether it is running inside a virtual machine or sandbox: it intercepts those checks so that an analysis environment passes all of them and the sample proceeds as if it were on real hardware.
☆ 106, updated 4 months ago
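As an added example (not code from Evasion-Escaper or from this page), the following Python models the kind of checks such malware runs against the host (hypervisor MAC OUIs, guest-additions drivers and registry keys, small CPU/RAM, short uptime, tell-tale host and user names) and the spoofed view an evasion layer has to present so that every one of them comes back clean. The thresholds, the name fragments, the replacement MAC prefix and the substitute host/user names are assumptions chosen for illustration, and all host data is constructed.

```python
"""Common VM/sandbox detection heuristics, modelled as checks over a host
profile, and the spoofed profile an evasion layer must present so that all
of them pass.  Added example for this page; not Evasion-Escaper's own code.
All host data below is constructed."""
from dataclasses import dataclass, field, replace

# OUI prefixes (first three octets) registered to hypervisor vendors; malware
# compares the guest NIC's MAC against lists like this.
VM_MAC_OUIS = {
    "00:05:69": "VMware", "00:0C:29": "VMware", "00:1C:14": "VMware", "00:50:56": "VMware",
    "08:00:27": "VirtualBox",
    "00:15:5D": "Hyper-V",
    "00:16:3E": "Xen",
    "00:1C:42": "Parallels",
}
# Guest-additions drivers and registry keys that betray a VM.
VM_ARTIFACT_FILES = {
    r"C:\Windows\System32\drivers\vmmouse.sys",
    r"C:\Windows\System32\drivers\vmhgfs.sys",
    r"C:\Windows\System32\drivers\VBoxMouse.sys",
    r"C:\Windows\System32\drivers\VBoxGuest.sys",
}
VM_REGISTRY_KEYS = {
    r"HKLM\SOFTWARE\VMware, Inc.\VMware Tools",
    r"HKLM\SOFTWARE\Oracle\VirtualBox Guest Additions",
}
# Substrings commonly matched against hostname/username (assumed list).
SUSPICIOUS_NAME_PARTS = ("sandbox", "malware", "virus", "cuckoo", "analysis", "analyst")


@dataclass
class HostProfile:
    hostname: str
    username: str
    cpu_count: int
    ram_mb: int
    uptime_s: int
    mac: str
    files: set = field(default_factory=set)          # paths present on disk
    registry_keys: set = field(default_factory=set)  # keys present in the registry


def sandbox_indicators(p: HostProfile) -> list:
    """Return the names of every heuristic that flags `p` as a VM or sandbox.
    Thresholds mirror the usual 'too small to be a real desktop' assumptions."""
    hits = []
    oui = p.mac.upper()[:8]
    if oui in VM_MAC_OUIS:
        hits.append("vm_mac_oui:" + VM_MAC_OUIS[oui])
    if p.cpu_count < 2:
        hits.append("low_cpu_count")
    if p.ram_mb < 4096:
        hits.append("low_ram")
    if p.uptime_s < 600:            # freshly restored snapshot
        hits.append("short_uptime")
    names = (p.hostname + " " + p.username).lower()
    if any(part in names for part in SUSPICIOUS_NAME_PARTS):
        hits.append("suspicious_name")
    if p.files & VM_ARTIFACT_FILES:
        hits.append("vm_driver_file")
    if p.registry_keys & VM_REGISTRY_KEYS:
        hits.append("vm_registry_key")
    return hits


def evasion_view(p: HostProfile) -> HostProfile:
    """The profile an evasion layer hands back to the malware instead of the
    real one.  Only fields that would fail are rewritten, so the view stays
    as close to the real host as possible."""
    v = replace(p, files=set(p.files), registry_keys=set(p.registry_keys))
    if v.mac.upper()[:8] in VM_MAC_OUIS:
        # Keep the host-specific tail, swap the vendor prefix for one that is
        # not a hypervisor OUI (assumed placeholder; use a real NIC vendor OUI).
        v.mac = "3C:97:0E" + v.mac[8:]
    v.cpu_count = max(v.cpu_count, 4)
    v.ram_mb = max(v.ram_mb, 8192)
    v.uptime_s = max(v.uptime_s, 3 * 24 * 3600)
    if any(part in v.hostname.lower() for part in SUSPICIOUS_NAME_PARTS):
        v.hostname = "DESKTOP-7K2P9QH"      # assumed, generic OEM-style name
    if any(part in v.username.lower() for part in SUSPICIOUS_NAME_PARTS):
        v.username = "mwilliams"             # assumed
    v.files -= VM_ARTIFACT_FILES
    v.registry_keys -= VM_REGISTRY_KEYS
    return v


# Constructed sample: a typical VMware analysis guest.
SAMPLE_VM = HostProfile(
    hostname="SANDBOX-01", username="analyst", cpu_count=1, ram_mb=2048,
    uptime_s=120, mac="00:0C:29:AB:CD:EF",
    files={r"C:\Windows\System32\drivers\vmmouse.sys", r"C:\Windows\explorer.exe"},
    registry_keys={r"HKLM\SOFTWARE\VMware, Inc.\VMware Tools"},
)

if __name__ == "__main__":
    print("real host flags:", sandbox_indicators(SAMPLE_VM))
    print("spoofed view flags:", sandbox_indicators(evasion_view(SAMPLE_VM)))
```

The useful property for a defender is the inverse reading: everything `sandbox_indicators` looks at is something an analysis VM should either hide or make look ordinary before detonating a sample, and `evasion_view` lists the minimum set of values that have to change. A real evasion layer reaches the same result by hooking the APIs the malware calls (NIC enumeration, file and registry lookups, `GetTickCount`/`GetSystemInfo`) rather than by editing a data structure, but the values it has to return are the ones shown here.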
Alternatives and similar repositories for Evasion-Escaper
Users interested in Evasion-Escaper are comparing it to the repositories listed below.
- ETW-based PoC to identify direct and indirect syscalls (☆ 187, updated 2 years ago)
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space (☆ 123, updated 2 years ago)
- Finding secrets in kernel and user memory (☆ 116, updated last year)
- A PoC on blocking Procmon from monitoring network events (☆ 103, updated 2 years ago)
- Small PoC of using a Microsoft-signed executable as a LOLBin (☆ 138, updated 2 years ago)
- An automation plugin for the Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… (☆ 116, updated 11 months ago)
- Detect strange memory regions and DLLs (☆ 184, updated 3 years ago)
- Experiment on reproducing Obfuscate & Sleep (☆ 145, updated 4 years ago)
- Implementation of Advanced Module Stomping and Heap/Stack Encryption (☆ 217, updated last year)
- PoC for frustrating/defeating malware analysts (☆ 154, updated 3 years ago)
- It's pointy and it hurts! (☆ 126, updated 2 years ago)
- (First public?) sample of unhooking ntdll (all exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls… (☆ 132, updated 3 months ago)
- Exploitation of process-killer drivers (☆ 201, updated last year)
- I have documented all of the AMSI patches that I have learned so far (☆ 72, updated 2 months ago)
- Bypass malware time delays (☆ 102, updated 2 years ago)
- XOR-decrypting shellcode using the GPU with OpenCL (☆ 100, updated last month)
- Files for http://blog.deniable.org/posts/windows-callbacks/ (☆ 76, updated 3 years ago)
- An example reference design for a proposed BOF PE (☆ 174, updated 2 months ago)
- Identify and exploit leaked handles for local privilege escalation (☆ 108, updated 2 years ago)
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel (☆ 231, updated last year)
- Simple PoC library to execute arbitrary calls by proxying them via NdrServerCall2 or similar (☆ 130, updated 10 months ago)
- The code is a pingback to the Dark Vortex blog: (☆ 177, updated 2 years ago)
- Find DLLs with an RWX section (☆ 81, updated last year)
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code (☆ 101, updated 3 years ago)