Template-Driven AV/EDR Evasion Framework
Multilayered AV/EDR Evasion Framework
#Awesome#Centralized resource for listing and organizing known injection techniques and POCs
PE Injection、DLL Injection、Process Injection、Thread Injection、Code Injection、Shellcode Injection、ELF Injection、Dylib Injection, including 400+Tools and 350+posts
PE loader with various shellcode injection techniques
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
Materials for the workshop "Red Team Ops: Havoc 101"
Some DLL Injection techniques in C++ implemented for both x86 and x64 windows OS processes
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
A C# DLL injection library
An open-source process injection enumeration tool written in C#
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
Source code of exploiting windows API for red teaming series
A dynamic unpacking tool
Shellcode obfuscation tool to avoid AV/EDR.
simple shellcode injector
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Various methods of executing shellcode