Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
☆20 · Dec 3, 2024 · Updated last year
Alternatives and similar repositories for Shadow-Rebirth
Users that are interested in Shadow-Rebirth are comparing it to the libraries listed below
- use python on windows with full submodule support without installation (☆30 · Jan 23, 2025 · Updated last year)
- System Call Integrity Layer - experimental security research (☆25 · Jan 31, 2026 · Updated last month)
- A runtime for developing large-scale and complex shellcode. (☆22 · Mar 3, 2026 · Updated 2 weeks ago)
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection (☆10 · Feb 26, 2025 · Updated last year)
- (☆65 · Dec 19, 2024 · Updated last year)
- A Simple PoC (☆22 · May 24, 2024 · Updated last year)
- DLL injection with Microsoft detours (☆22 · Dec 9, 2025 · Updated 3 months ago)
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution (☆51 · Apr 22, 2024 · Updated last year)
- Template for writing shellcode in rust (☆26 · Feb 27, 2022 · Updated 4 years ago)
- (☆38 · Oct 16, 2025 · Updated 5 months ago)
- Custom function call stack to bypass ETW detection; this is the full version. (☆14 · Apr 15, 2024 · Updated last year)
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing. (☆57 · Apr 14, 2025 · Updated 11 months ago)
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons (☆192 · Feb 11, 2026 · Updated last month)
- Linux Sleep Obfuscation (☆112 · Jan 7, 2024 · Updated 2 years ago)
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… (☆26 · Apr 21, 2025 · Updated 10 months ago)
- Research of modifying exported function names at runtime (C/C++, Windows) (☆18 · May 28, 2024 · Updated last year)
- A basic example of the API-Hashing method used by Red Teamers but also by malware developers in C++ (☆37 · Jan 10, 2024 · Updated 2 years ago)
- a stage1 DLL loader with sleep obfuscation (☆36 · Dec 27, 2022 · Updated 3 years ago)
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23 (☆23 · Jun 19, 2025 · Updated 9 months ago)
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects (☆139 · Apr 6, 2025 · Updated 11 months ago)
- One-header configurable C++20 COFF loader (☆21 · Jul 21, 2025 · Updated 7 months ago)
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging (☆15 · Sep 21, 2019 · Updated 6 years ago)
- It's a COFF loader ported to Go (☆20 · Oct 2, 2022 · Updated 3 years ago)
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP (☆61 · Oct 19, 2024 · Updated last year)
- A dynamic HTTP/S stager that lets one shellcode loader be reused for different encrypted payloads - no rebuilds. (☆20 · Oct 1, 2025 · Updated 5 months ago)
- A repository filled with ideas to break/detect direct syscall techniques (☆26 · Apr 21, 2022 · Updated 3 years ago)
- Cobalt Strike UDRL for memory scanner evasion. (☆52 · Dec 4, 2023 · Updated 2 years ago)
- Locate dlls and function addresses without PEB Walk and EAT parsing (☆105 · Nov 7, 2025 · Updated 4 months ago)
- A 64 bit executable junk code engine for polymorphic malware. (☆76 · Jun 16, 2025 · Updated 9 months ago)
- (☆101 · Oct 7, 2023 · Updated 2 years ago)
- Rust implementation, creating a scheduled task programmatically with user logon trigger. (☆47 · Jun 10, 2025 · Updated 9 months ago)
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most… (☆12 · May 8, 2023 · Updated 2 years ago)
- An In-memory Embedding of CPython (☆31 · May 24, 2021 · Updated 4 years ago)
- Rehashing APIs to prevent hash based detection (☆14 · Jan 7, 2025 · Updated last year)
- (☆24 · Apr 8, 2025 · Updated 11 months ago)
- Make your Batchfiles unreadable. (☆10 · Dec 29, 2018 · Updated 7 years ago)
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence (☆63 · Jun 23, 2025 · Updated 8 months ago)
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections (☆170 · May 17, 2023 · Updated 2 years ago)
- Just check hypervisor in ring0 (☆16 · Jun 7, 2023 · Updated 2 years ago)