whokilleddb / A-Study-in-Obfuscation
A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines
☆45 Oct 27, 2022 Updated 3 years ago
Alternatives and similar repositories for A-Study-in-Obfuscation
Users that are interested in A-Study-in-Obfuscation are comparing it to the libraries listed below
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress ☆21 Jul 9, 2022 Updated 3 years ago
- My personal shellcode loader ☆32 Mar 9, 2023 Updated 2 years ago
- ☆20 Jul 23, 2023 Updated 2 years ago
- Re-implement cmd.exe using windows api ☆50 Feb 7, 2023 Updated 3 years ago
- ☆15 Aug 17, 2023 Updated 2 years ago
- ☆10 Jan 17, 2022 Updated 4 years ago
- Released presentations of my talks + code that was used during these talks ☆15 Sep 5, 2024 Updated last year
- ☆15 Feb 9, 2022 Updated 4 years ago
- A BOF for enumerating version information for DLLs associated with a Beacon process. ☆16 Nov 23, 2021 Updated 4 years ago
- External C2 Using IE COM Objects ☆101 Feb 24, 2019 Updated 6 years ago
- POC code to crash Windows Event Logger Service ☆27 Oct 16, 2020 Updated 5 years ago
- ShellCodeLoader via DInvoke ☆60 Jul 5, 2021 Updated 4 years ago
- Remote Administration Tool, Server Written in C# and Client Written in C++ ☆15 Dec 8, 2022 Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in form of a .bin file based on x86 inline assembly ☆20 Apr 17, 2023 Updated 2 years ago
- HookDetection ☆45 Sep 3, 2021 Updated 4 years ago
- ☆37 Feb 11, 2023 Updated 3 years ago
- A collection of PoCs for different injection techniques on Windows! ☆49 Aug 27, 2023 Updated 2 years ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level. ☆53 Feb 29, 2024 Updated last year
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks. ☆84 Dec 20, 2019 Updated 6 years ago
- Pass the Hash to a named pipe for token Impersonation ☆313 Nov 29, 2023 Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 Oct 31, 2023 Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback ☆68 Sep 15, 2022 Updated 3 years ago
- ☆30 Nov 7, 2022 Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2 ☆187 Jul 21, 2022 Updated 3 years ago
- Using fibers to execute shellcode in a local process via csharp ☆28 Jan 2, 2022 Updated 4 years ago
- Simple and sane compression wrapper library. ☆19 Oct 28, 2022 Updated 3 years ago
- An attempt at reversing WindowsDefender ☆20 Oct 6, 2024 Updated last year
- C# version of NTLMRawUnHide ☆72 Oct 8, 2022 Updated 3 years ago
- Headers for linking your software with ntdll.dll ☆15 Nov 4, 2020 Updated 5 years ago
- Source code of a shellcode loader written in assembly language https://payloads.online/archivers/2022-02-16/1/ ☆77 Oct 24, 2022 Updated 3 years ago
- Beacon Object File Loader ☆294 Dec 3, 2023 Updated 2 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs ☆96 Aug 1, 2022 Updated 3 years ago
- Halos Gate-based NTAPI Unhooker ☆52 Apr 21, 2022 Updated 3 years ago
- A BOF to determine Windows Defender exclusions. ☆253 Jun 25, 2023 Updated 2 years ago
- The code is a pingback to the Dark Vortex blog: ☆187 Jan 26, 2023 Updated 3 years ago
- PoC to interact with local/remote registry hives through WMI ☆87 Jun 14, 2020 Updated 5 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose. ☆18 Jan 21, 2022 Updated 4 years ago
- Example of using Sleep to create better named pipes. ☆41 Jul 25, 2023 Updated 2 years ago
- Caesar Cipher your shellcode! ☆21 Mar 11, 2022 Updated 3 years ago