av-evasion

There are 21 repositories under av-evasion topic.

bytecode77 / r77-rootkit
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.
rootkit fileless av-evasion
Language:C 1997
inceptor
klezVirus / inceptor
Template-Driven AV/EDR Evasion Framework
obfuscation pinvoke dinvoke code-injection process-injection av-bypass amsi-bypass av-evasion edr-bypass pe-packer amsi-evasion red-team red-teaming av-edr-bypass payload-generator
Language:Assembly 1723
TryCatchHCF / Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
cipher data-exfiltration hacking pentesting exfiltration steganography cryptography dlp av-evasion privacy security security-tools infosec red-team pentest pentest-tool hacking-tool hacking-tools pentest-tools stego
Language:Python 1626
swagkarna / Defeat-Defender-V1.2.0
Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
bypass defender antivirus fud malware payload malware-dropper bypass-antivirus undetectable av-evasion dropper hacking hack-tool bypass-defender hackwindows disable-windows-defender batch proof-of-concept
Language:Batchfile 1556
Ch0pin / AVIator
Antivirus evasion project
antivirus bypass backdoor windows trojan shellcode injection backdoors virus-total av-evasion av-b backdooring crypter antivirus-testing virus
Language:C# 1127
hlldz / SpookFlare
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
av-bypass loader dropper av-evasion endpoint-bypass antivirus-evasion antivirus-testing obfuscation bypass
Language:Python 948
klezVirus / SilentMoonwalk
PoC Implementation of a fully dynamic call stack spoofer
av-evasion edr-evasion thread-stack stack-spoofing
Language:C++ 830
thomasxm / BOAZ_beta
Multilayered AV/EDR Evasion Framework
boaz code-injection obfuscation av-bypass av-edr-bypass av-evasion edr-bypass etw-bypass payload-generator pe-packer process-injection red-teaming red-teaming-tools red-ream antivirus-evasion
Language:C++ 800
lengjibo / FourEye
AV Evasion Tool For Red Team Ops
antivirus-evasion av-evasion bypassav redteam shellcode
Language:C 767
bytecode77 / pe-union
Crypter, binder & downloader with native & .NET stub, evasive by design, user friendly UI
binder obfuscation crypter downloader av-evasion
Language:Assembly 679
GetRektBoy724 / SharpUnhooker
C# Based Universal API Unhooker
windows-api windows csharp pentesting red-team dll av-evasion
Language:C# 399
pard0p / CallstackSpoofingPOC
C++ self-Injecting dropper based on various EDR evasion techniques.
av-evasion dropper edr-evasion indirect-syscall
Language:C 390
hades
f1zm0 / hades
Go shellcode loader that combines multiple evasion techniques
av-evasion edr-evasion golang pentesting red-teaming ntapi ntdll syscalls evasion adversary-emulation offensive-security
Language:Go 381
WesleyWong420 / RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
active-directory av-evasion edr-bypass havoc opsec process-injection red-team-ops
Language:C# 371
D3Ext / maldev
Golang library for malware development
av-evasion cryptography development encryption go golang infosec kali-linux maldev malware pentesting red-team shellcode
Language:Go 348
f1zm0 / acheron
indirect syscalls for AV/EDR evasion in Go assembly
evasion adversary-emulation av-evasion edr-bypass edr-evasion malware-research offensive-security red-team red-teaming assembly go golang
Language:Assembly 337
yutianqaq / AVEvasionCraftOnline
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.
bypass bypass-antivirus online redteam redteam-tools antivirus-evasion av-bypass av-evasion golang redteaming
Language:Go 326
GetRektBoy724 / MeterPwrShell
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
meterpreter one-liner bypass-uac amsi bypass-firewall fud windows payload metasploit stager av-evasion malware bypass-amsi bypass metasploit-framework bypass-antivirus
225
Cipher7 / ChaiLdr
AV bypass while you sip your Chai!
av-bypass av-evasion loader malware malware-development red-teaming
Language:C 219
GetRektBoy724 / BetterXencrypt
A better version of Xencrypt.Xencrypt it self is a Powershell runtime crypter designed to evade AVs.
amsi av-evasion avs bypass-antivirus crypter fud payload powershell windows
Language:PowerShell 214
VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
av-bypass av-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls shellcode-loader windows-int
Language:C 208
VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
av-bypass av-evasion direct-syscalls edr-bypass edr-evasion
Language:C 141
njcve / inflate.py
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
antivirus antivirus-evasion av-bypass av-evasion bugbounty edr-bypass endpoint-security evasion-attack
Language:Python 119
yutianqaq / BypassAV-Online
An online AV evasion platform written in Springboot (Golang, Nim, C) supports inline, local and remote loading of Shellocde methods.
bypassav c go nim springboot antivirus-evasion av-evasion redteam
Language:Java 119
Cipher7 / ApexLdr
ApexLdr is a DLL Payload Loader written in C
av-bypass av-evasion dll-sideloading dll-unhooking indirect-syscall loader malware red-teaming shellcode-loader threadpool
Language:C 113
Sn1r / Nim-Reverse-Shell
A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educational purposes only.
antivirus-bypass antivirus-evasion av-bypass av-evasion nim nim-lang reverse-shell
Language:Nim 111
n1nj4sec / pymemimporter
import pyd or execute PE all from memory using only pure python code and some shellcode tricks
python pe32 in-memory mimikatz shellcode pyd av-evasion
Language:Python 74
Chainski / AES-Encoder
PowerShell Obfuscator. A PowerShell script anti-virus evasion tool
av-evasion amsi-bypass cobalt-strike crypter ctf-tools hacking powershell-obfuscator powershell-tools security security-tools aes-encoder encrypt-powershell-script powershell-bypass-amsi cryptography encryption fud penetration-testing red-team powershell xencrypt
Language:PowerShell 71
GetRektBoy724 / TripleS
Extracting Syscall Stub, Modernized
av-evasion csharp pentesting red-teaming syscall windows
Language:C# 63
tid4l / TallGrass
An AV exclusion enumeration tool written in Python.
python av-evasion enumeration windows-registry windows-defender cybersecurity red-team
Language:Python 59
padovah4ck / RedSharp
Penetration Test / Read Team - C# tools repository
reverse-shell c-sharp av-evasion bypass-antivirus windows penetration-test shellcode-injector meterpreter
Language:C# 57
VirtualAlllocEx / DSC_SVC_REMOTE
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
av-bypass av-evasion direct-syscalls edr-bypass edr-evasion
Language:C 54
Darkbyte
JoelGMSec / Darkbyte
Repository of tools used in my blog
hacking tools red-team av-evasion tunneling wi-fi rdp keylogger rat
Language:C 51
PayloadCrypter
EvilBytecode / PayloadCrypter
Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages.
antivirus-evasion av-evasion crypter evasion fud go golang hacking linux payload-crypter red red-team payload-crypt red-tools
Language:Go 42
Enelg52 / Gofrette
Gofrette is a reverse shell payload developed in Golang that bypasses Windows defender and many others anti-virus.
golang reverse-shell av-evasion
Language:Go 40
1captainnemo1 / DLLREVERSESHELL
A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (POWERSHELL) FROM THE VICTIM MACHINE TO THE ATTACKER CONSOLE , OVER LAN AND WAN.
reverse-shell fud evade av-evasion av-bypass custom-reverseshell c-reverseshell backdoor-attacks backdoors-created malware-sample antivirus-evasion antiviral-resistance trojan-malware trojan-rat trojan
Language:C 34

av-evasion

bytecode77 / r77-rootkit

klezVirus / inceptor

TryCatchHCF / Cloakify

swagkarna / Defeat-Defender-V1.2.0

Ch0pin / AVIator

hlldz / SpookFlare

klezVirus / SilentMoonwalk

thomasxm / BOAZ_beta

lengjibo / FourEye

bytecode77 / pe-union

GetRektBoy724 / SharpUnhooker

pard0p / CallstackSpoofingPOC

f1zm0 / hades

WesleyWong420 / RedTeamOps-Havoc-101

D3Ext / maldev

f1zm0 / acheron

yutianqaq / AVEvasionCraftOnline

GetRektBoy724 / MeterPwrShell

Cipher7 / ChaiLdr

GetRektBoy724 / BetterXencrypt

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low

njcve / inflate.py

yutianqaq / BypassAV-Online

Cipher7 / ApexLdr

Sn1r / Nim-Reverse-Shell

n1nj4sec / pymemimporter

Chainski / AES-Encoder

GetRektBoy724 / TripleS

tid4l / TallGrass

padovah4ck / RedSharp

VirtualAlllocEx / DSC_SVC_REMOTE

JoelGMSec / Darkbyte

EvilBytecode / PayloadCrypter

Enelg52 / Gofrette

1captainnemo1 / DLLREVERSESHELL