av-bypass · GitHub Topics

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

anti-analysis anti-debugging anti-sandbox anti-vm anti-emulation code-injection Malware timing-attacks av-bypass sandbox-evasion

C++ 6.35 k

2 个月前

klezVirus / inceptor

Template-Driven AV/EDR Evasion Framework

obfuscation pinvoke dinvoke code-injection process-injection av-bypass amsi-bypass av-evasion edr-bypass pe-packer amsi-evasion red-team red-teaming av-edr-bypass payload-generator

Assembly 1.69 k

2 年前

hlldz / SpookFlare

Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.

av-bypass loader dropper av-evasion antivirus-evasion obfuscation bypass

Python 949

6 年前

thomasxm / BOAZ_beta

Multilayered AV/EDR Evasion Framework

boaz code-injection obfuscation av-bypass av-edr-bypass av-evasion edr-bypass etw-bypass payload-generator pe-packer process-injection red-teaming red-teaming-tools red-ream antivirus-evasion

C++ 683

1 个月前

alphaSeclab / anti-av

Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts

anti-virus av-bypass

444

5 年前

yutianqaq / AVEvasionCraftOnline

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

bypass bypass-antivirus online redteam redteam-tools antivirus-evasion av-bypass av-evasion Go redteaming

Go 329

1 年前

SubGlitch1 / OSRipper

AV evading OSX Backdoor and Crypter Framework

backdoor Python fud antivirus-evasion rat Malware malware-development av-bypass crypter crypter-fud miner keylogger

Python 288

1 年前

Cipher7 / ChaiLdr

AV bypass while you sip your Chai!

av-bypass av-evasion loader Malware malware-development red-teaming

C 222

1 年前

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls shellcode-loader

C 194

1 年前

VirtualAlllocEx / Direct-Syscalls-A-journey-from-high-to-low

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion

C 133

2 年前

njcve / inflate.py

Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.

antivirus antivirus-evasion av-bypass av-evasion Bug Bounty edr-bypass endpoint-security evasion-attack

Python 120

3 年前

Cipher7 / ApexLdr

ApexLdr is a DLL Payload Loader written in C

av-bypass av-evasion indirect-syscall loader Malware red-teaming shellcode-loader threadpool

C 110

1 年前

Sn1r / Nim-Reverse-Shell

A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educ...

antivirus-bypass antivirus-evasion av-bypass av-evasion Nim reverse-shell

Nim 110

1 年前

CroodSolutions / AutoPwnKey

AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over ...

attack-simulation av-bypass av-evasion edr-bypass edr-evasion exploit-development exploitation-framework purple-team purpleteam

AutoHotkey 84

2 个月前

VirtualAlllocEx / DSC_SVC_REMOTE

This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service p...

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion

C 51

2 年前

1captainnemo1 / DLLREVERSESHELL

A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (POWERSHELL) FROM THE VICTIM MACHINE TO THE ATTACKER CONSOLE , OV...

reverse-shell fud av-evasion av-bypass backdoor-attacks malware-sample antivirus-evasion trojan-malware trojan-rat trojan

C 34

6 年前

malwarekid / Inject-EXE

The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both th...

antivirus-bypass av-bypass bypass evasion exe Malware Python

Python 34

1 年前

1captainnemo1 / PersistentCReverseShell

A PERSISTENT FUD Backdoor ReverseShell coded in C for any Windows distro, that will make itself persistent on every BOOT and fire a decoy app in the foreground while connecting back to the attacker ...

persistence fud evasion av-bypass av-evasion bypass-antivirus

C 32

6 年前

VirtualAlllocEx / Create_Thread_Inline_Assembly_x86

This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly

av-bypass av-evasion edr-bypass edr-evasion

C++ 18

2 年前