vvelitkn / Evasion-EscaperLinks
Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
☆106Updated 3 months ago
Alternatives and similar repositories for Evasion-Escaper
Users that are interested in Evasion-Escaper are comparing it to the libraries listed below
Sorting:
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆115Updated 10 months ago
- Detect strange memory regions and DLLs☆183Updated 3 years ago
- ☆141Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆123Updated 2 years ago
- A Poc on blocking Procmon from monitoring network events☆102Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆185Updated 2 years ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆196Updated 11 months ago
- Exploitation of process killer drivers☆200Updated last year
- ☆96Updated 3 years ago
- Experiment on reproducing Obfuscate & Sleep☆145Updated 4 years ago
- ☆136Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin.☆137Updated 2 years ago
- ☆52Updated 7 months ago
- ☆115Updated 2 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- Bypass Malware Time Delays☆100Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆72Updated 2 months ago
- EDRSandblast-GodFault☆265Updated last year
- Identify and exploit leaked handles for local privilege escalation.☆108Updated last year
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆167Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆190Updated last year
- CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM☆163Updated 2 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆128Updated 2 years ago
- ☆113Updated 3 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆62Updated 2 years ago
- Beacon Object File Loader☆287Updated last year
- It's pointy and it hurts!☆126Updated 2 years ago
- ☆85Updated last year
- Infect Shared Files In Memory for Lateral Movement☆195Updated 2 years ago