vvelitkn / Evasion-EscaperLinks
Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
☆110Updated 10 months ago
Alternatives and similar repositories for Evasion-Escaper
Users that are interested in Evasion-Escaper are comparing it to the libraries listed below
Sorting:
- ETW based POC to identify direct and indirect syscalls☆190Updated 2 years ago
- ☆103Updated 3 years ago
- A Poc on blocking Procmon from monitoring network events☆109Updated 4 months ago
- Deleting Shadow Copies In Pure C++☆117Updated 3 years ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- ☆149Updated 3 years ago
- ☆113Updated 3 years ago
- Bypass Malware Time Delays☆108Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆134Updated 2 years ago
- ☆89Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆139Updated 2 years ago
- Identify and exploit leaked handles for local privilege escalation.☆111Updated 2 years ago
- It's pointy and it hurts!☆126Updated 3 years ago
- ☆119Updated 2 years ago
- Detect strange memory regions and DLLs☆183Updated 3 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆124Updated last year
- I have documented all of the AMSI patches that I learned till now☆76Updated last month
- ☆107Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆156Updated 4 years ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆170Updated 2 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆133Updated 3 years ago
- Kernel Mode Driver for Elevating Process Privileges☆134Updated 2 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆65Updated 2 years ago
- ☆137Updated 2 years ago
- C# Utilities for Windows Notification Facility☆160Updated 8 months ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆136Updated 3 years ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆32Updated 3 months ago
- PE obfuscator with Evasion in mind☆214Updated 2 years ago
- Select any exported function in a dll as the new dll's entry point.☆81Updated last year
- A PoC project for embedding shellcode to Hint/Name Table☆112Updated 3 years ago