whokilleddb/A-Study-in-Obfuscation external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

whokilleddb/A-Study-in-Obfuscation

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/whokilleddb/A-Study-in-Obfuscation)

Close

whokilleddb / A-Study-in-ObfuscationView on GitHubMore

• External links
• Readme badge

A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines

☆46Oct 27, 2022Updated 3 years ago

Alternatives and similar repositories for A-Study-in-Obfuscation

Users that are interested in A-Study-in-Obfuscation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• whokilleddb / injection-for-dummies

  View on GitHub
  A collection of PoCs for different injection techniques on Windows!
  ☆52Aug 27, 2023Updated 2 years ago
• arsium / ShellCodeExec

  View on GitHub
  My personal shellcode loader
  ☆31Mar 9, 2023Updated 3 years ago
• arsium / BypassGetModuleBaseAddressAndGetExportAddress

  View on GitHub
  A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
  ☆21Jul 9, 2022Updated 3 years ago
• bopin2020 / SharpCmd

  View on GitHub
  Re-implement cmd.exe using windows api
  ☆50Feb 7, 2023Updated 3 years ago
• S3cur3Th1sSh1t / NimWinstaEveryoneAccess

  View on GitHub
  ☆10Jan 17, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• arsium / PELoader

  View on GitHub
  ☆20Jul 23, 2023Updated 2 years ago
• D4rthMaulCop / DarthNetLoader

  View on GitHub
  ☆15Aug 17, 2023Updated 2 years ago
• mdsecactivebreach / Browser-ExternalC2

  View on GitHub
  External C2 Using IE COM Objects
  ☆100Feb 24, 2019Updated 7 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

  View on GitHub
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆20Apr 17, 2023Updated 3 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp

  View on GitHub
  ShellCodeLoader via DInvoke
  ☆59Jul 5, 2021Updated 4 years ago
• RobinFassinaMoschiniForks / bootdoor

  View on GitHub
  Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE
  ☆11Jun 14, 2022Updated 4 years ago
• EspressoCake / DLL_Version_Enumeration_BOF

  View on GitHub
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆16Nov 23, 2021Updated 4 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• Rvn0xsy / AsmShellcodeLoader

  View on GitHub
  汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/
  ☆77Oct 24, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• S3cur3Th1sSh1t / SharpNamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆310Nov 29, 2023Updated 2 years ago
• whokilleddb / funcshenanigans

  View on GitHub
  A bunch of shenanigans using functions, VEH and more
  ☆37Jun 8, 2025Updated last year
• Kara-4search / HookDetection_CSharp

  View on GitHub
  HookDetection
  ☆45Sep 3, 2021Updated 4 years ago
• limbenjamin / LogServiceCrash

  View on GitHub
  POC code to crash Windows Event Logger Service
  ☆27Oct 16, 2020Updated 5 years ago
• jsecu / ElevatedEvents

  View on GitHub
  ☆30Nov 7, 2022Updated 3 years ago
• BronzeTicket / ClipboardWindow-Inject

  View on GitHub
  CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback
  ☆66Sep 15, 2022Updated 3 years ago
• melardev / XeytanWin32-RAT

  View on GitHub
  WORK IN PROGRESS. RAT written in C++ using Win32 API
  ☆20Sep 12, 2019Updated 6 years ago
• rkzofficial / Horizon

  View on GitHub
  Remote Administration Tool, Server Written in C# and Client Written in C++
  ☆15Dec 8, 2022Updated 3 years ago
• Meowmycks / etwunhook

  View on GitHub
  Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
  ☆61Feb 29, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆186Jul 21, 2022Updated 3 years ago
• Idov31 / talks-and-publications

  View on GitHub
  Released presentations of my talks + code that used during these talks
  ☆15Sep 5, 2024Updated last year
• airzero24 / WMIReg

  View on GitHub
  PoC to interact with local/remote registry hives through WMI
  ☆90Jun 14, 2020Updated 6 years ago
• NVISOsecurity / DInvisibleRegistry

  View on GitHub
  DInvisibleRegistry
  ☆83Nov 20, 2020Updated 5 years ago
• h4xu3lyn / NTLib

  View on GitHub
  Headers for linking your software with ntdll.dll
  ☆16Nov 4, 2020Updated 5 years ago
• frkngksl / NimicStack

  View on GitHub
  NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
  ☆95Apr 4, 2026Updated 2 months ago
• EspressoCake / Defender_Exclusions-BOF

  View on GitHub
  A BOF to determine Windows Defender exclusions.
  ☆256Jun 25, 2023Updated 2 years ago
• Jasper1467 / WindowsDefender_Rebuild

  View on GitHub
  An attempt at reversing WindowsDefender
  ☆19Oct 6, 2024Updated last year
• o1mate / DLLProx

  View on GitHub
  Automatic DLL comment link generation and explaination of the DLL Proxying techniques
  ☆10Aug 19, 2021Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• ph3n1x007 / EarlyBirdNTDLL

  View on GitHub
  ☆38Feb 11, 2023Updated 3 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆296Dec 3, 2023Updated 2 years ago
• Faran-17 / EarlyBird-APC-Injection

  View on GitHub
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆36Oct 31, 2023Updated 2 years ago
• sbasu7241 / HellsGate

  View on GitHub
  Rewrote HellsGate in C# for fun and learning
  ☆85Feb 10, 2022Updated 4 years ago
• badBounty / directInjectorPOC

  View on GitHub
  Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.
  ☆85Dec 20, 2019Updated 6 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆189Jan 26, 2023Updated 3 years ago
• Kara-4search / Fiber_ShellcodeExecution

  View on GitHub
  Using fibers to execute shellcode in a local process via csharp
  ☆26Jan 2, 2022Updated 4 years ago