zha0 / BloodyAvView external linksLinks
BloodyAv is Custom Shell Code loader to Bypass Av and Edr.
☆14Mar 21, 2022Updated 3 years ago
Alternatives and similar repositories for BloodyAv
Users that are interested in BloodyAv are comparing it to the libraries listed below
Sorting:
- NTAPI hook bypass with (semi) legit stack trace☆18May 9, 2023Updated 2 years ago
- EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!☆10Oct 11, 2020Updated 5 years ago
- Direct syscalls Injection to bypass AV/EDR☆12May 18, 2024Updated last year
- golang uuid-shellcode加载器,分离执行,可直接把shellcode写入程序。☆15Aug 12, 2021Updated 4 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Indirect Syscall invocation via thread hijacking☆26May 5, 2023Updated 2 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆22Oct 6, 2021Updated 4 years ago
- Bypass windows eventlogs & Sysmon☆20Aug 24, 2021Updated 4 years ago
- A dynamic HTTP/S stager that lets one shellcode loader be reused for different encrypted payloads - no rebuilds.☆19Oct 1, 2025Updated 4 months ago
- Groovy Post Exploitation☆20Oct 21, 2024Updated last year
- C# .NET Assembly for interacting with File Object DACLs☆46Apr 3, 2020Updated 5 years ago
- Tools developed during the personal learning process☆23Nov 16, 2021Updated 4 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- Event Tracing for Windows EDR bypass in Rust (usermode)☆38Jun 9, 2024Updated last year
- PrimitiveInjection by using Read, Write and Allocation Primitives.☆53Jun 21, 2025Updated 7 months ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆29Jun 17, 2022Updated 3 years ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆44Jul 9, 2025Updated 7 months ago
- Rex Shellcode Loader for AV/EDR evasion☆35Apr 7, 2024Updated last year
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated last year
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆28May 30, 2022Updated 3 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- springFramework_CVE-2022-22965_RCE简单利用☆26Apr 7, 2022Updated 3 years ago
- cobalt strike 自用脚本☆29Oct 29, 2020Updated 5 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆36Dec 1, 2025Updated 2 months ago
- Credential Dumper☆79Feb 19, 2020Updated 5 years ago
- This repository contains the PowerShell script for adding and removing the Sticky Key backdoor on Windows☆34May 18, 2020Updated 5 years ago
- ☆10Oct 9, 2024Updated last year
- a stage1 DLL loader with sleep obfuscation☆36Dec 27, 2022Updated 3 years ago
- C/C++ Windows Process Injector for Educational Purposes.☆10Apr 2, 2021Updated 4 years ago
- A web shell for pivoting and lateral movement☆33Nov 29, 2017Updated 8 years ago
- ☆31Jun 19, 2012Updated 13 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆38Feb 16, 2020Updated 5 years ago
- ☆37Aug 8, 2021Updated 4 years ago
- generate CobaltStrike's cross-platform payload☆34Jun 16, 2024Updated last year
- ☆92Jun 29, 2021Updated 4 years ago
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆93Nov 5, 2021Updated 4 years ago
- Dump macOS 1.8+ password hashes to a hashcat-compatible format☆14May 29, 2022Updated 3 years ago
- 快速解决app加密问题☆40Nov 25, 2020Updated 5 years ago
- Simple Native Rust Reflective PE loader library☆43Apr 18, 2023Updated 2 years ago