vvelitkn / Evasion-EscaperLinks
Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environment or sandbox, and to pass all such checks successfully.
☆107Updated 5 months ago
Alternatives and similar repositories for Evasion-Escaper
Users that are interested in Evasion-Escaper are comparing it to the libraries listed below
Sorting:
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- ☆143Updated 3 years ago
- ☆96Updated 3 years ago
- Detect strange memory regions and DLLs☆185Updated 3 years ago
- A Poc on blocking Procmon from monitoring network events☆103Updated 2 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆117Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin.☆138Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- ☆113Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆123Updated 2 years ago
- ☆114Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆146Updated 4 years ago
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆62Updated 2 years ago
- ☆107Updated 2 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆110Updated 3 years ago
- It's pointy and it hurts!☆125Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Updated 2 years ago
- CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.☆135Updated 3 weeks ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆83Updated 3 years ago
- ☆136Updated 3 years ago
- Identify and exploit leaked handles for local privilege escalation.☆109Updated 2 years ago
- XOR decrypting shellcode using the GPU with OpenCL.☆100Updated 2 months ago
- CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM☆162Updated 2 years ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆214Updated 2 years ago
- ☆86Updated 2 years ago
- Bypass Malware Time Delays☆102Updated 2 years ago
- Golang bindings for PE-sieve☆42Updated last year
- A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.☆71Updated 2 years ago
- ☆37Updated 2 years ago