Topic: "av-bypass"
ayoubfaouzi/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Language: C++ - Size: 2.49 MB - Last synced at: 10 days ago - Pushed at: about 1 month ago - Stars: 6,314 - Forks: 1,203

klezVirus/inceptor
Template-Driven AV/EDR Evasion Framework
Language: Assembly - Size: 19.9 MB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 1,681 - Forks: 269

hlldz/SpookFlare
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
Language: Python - Size: 76.2 KB - Last synced at: about 2 months ago - Pushed at: about 6 years ago - Stars: 948 - Forks: 188

thomasxm/BOAZ_beta
Multilayered AV/EDR Evasion Framework
Language: C++ - Size: 85.6 MB - Last synced at: 12 days ago - Pushed at: 13 days ago - Stars: 662 - Forks: 108

alphaSeclab/anti-av
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
Size: 139 KB - Last synced at: 3 months ago - Pushed at: about 5 years ago - Stars: 435 - Forks: 93

yutianqaq/AVEvasionCraftOnline
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellcode methods.
Language: Go - Size: 1.82 MB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 329 - Forks: 54

SubGlitch1/OSRipper
AV evading OSX Backdoor and Crypter Framework
Language: Python - Size: 4.22 MB - Last synced at: 11 days ago - Pushed at: about 1 year ago - Stars: 287 - Forks: 48

VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
Language: C - Size: 24.4 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 191 - Forks: 24

VirtualAlllocEx/Direct-Syscalls-A-journey-from-high-to-low
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
Language: C - Size: 592 KB - Last synced at: 4 days ago - Pushed at: about 2 years ago - Stars: 133 - Forks: 23

njcve/inflate.py
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
Language: Python - Size: 3.91 KB - Last synced at: about 1 year ago - Pushed at: about 3 years ago - Stars: 112 - Forks: 15

PaleGreenFILE/KenzoWindowsCrypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 2.93 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 89 - Forks: 0

aniel300/KenzoWindowsCrypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 1.95 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 85 - Forks: 0

mohamedkhaled2015956/F1RE-Windows-Crypter
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 85 - Forks: 0

chuycantcode/F1RE-Windows-Crypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 1.95 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 78 - Forks: 0

Cipher7/ApexLdr
ApexLdr is a DLL Payload Loader written in C
Language: C - Size: 738 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 72 - Forks: 16

sentiel1777/F1RE-Windows-Crypter
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 70 - Forks: 0

Fei-xiangShi/F1RE-Windows-Crypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 67 - Forks: 0

BrK777/F1RE-Windows-Crypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 66 - Forks: 0

Hehrh1234/F1RE-Windows-Crypter
Size: 1.95 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 64 - Forks: 0

skulldozer1/F1RE-Windows-Crypter
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 64 - Forks: 0

VirtualAlllocEx/DSC_SVC_REMOTE
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
Language: C - Size: 21.5 KB - Last synced at: 4 days ago - Pushed at: about 2 years ago - Stars: 51 - Forks: 11

1captainnemo1/DLLREVERSESHELL
A CUSTOM CODED FUD DLL, CODED IN C, WHEN LOADED, VIA A DECOY WEB-DELIVERY MODULE (FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (POWERSHELL) FROM THE VICTIM MACHINE TO THE ATTACKER CONSOLE, OVER LAN AND WAN.
Language: C - Size: 435 KB - Last synced at: 30 days ago - Pushed at: almost 6 years ago - Stars: 34 - Forks: 14

malwarekid/Inject-EXE
The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both the malicious and legitimate executables.
Language: Python - Size: 7.81 KB - Last synced at: about 2 months ago - Pushed at: 11 months ago - Stars: 33 - Forks: 7

hackerOrionX/ORIONX-FUD-CRYPTER
The only FREE and 100% FUD crypter that will still FUD, work on Windows. Powerful obfuscator to bypass Anti-Viruses detection.
Language: Tcl - Size: 97 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 33 - Forks: 3

1captainnemo1/PersistentCReverseShell
A PERSISTENT FUD Backdoor ReverseShell coded in C for any Windows distro, that will make itself persistent on every BOOT and fire a decoy app in the foreground while connecting back to the attacker machine as a silent background process, spawning a POWERSHELL on the attacker machine.
Language: C - Size: 12.7 KB - Last synced at: 30 days ago - Pushed at: about 6 years ago - Stars: 32 - Forks: 13

CroodSolutions/AutoPwnKey
AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over the short term, while over the long term help AV/EDR vendors improve how they handle AHK scripts.
Language: AutoHotkey - Size: 1.28 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 25 - Forks: 5

fctsociety/pdf-exploit
You open a pdf but the executable file opens (FUD)
Language: Python - Size: 4.71 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 20 - Forks: 0

VirtualAlllocEx/Create_Thread_Inline_Assembly_x86
This POC provides the possibility to execute x86 shellcode in form of a .bin file based on x86 inline assembly
Language: C++ - Size: 563 KB - Last synced at: 4 days ago - Pushed at: about 2 years ago - Stars: 18 - Forks: 9

Enelg52/Backpack
Golang packer that uses process hollowing
Language: Go - Size: 53.7 KB - Last synced at: 2 months ago - Pushed at: about 3 years ago - Stars: 17 - Forks: 4

x0reaxeax/SyscallHookBypass
NTAPI hook bypass with (semi) legit stack trace
Language: C - Size: 8.79 KB - Last synced at: 11 days ago - Pushed at: about 2 years ago - Stars: 15 - Forks: 2

Souhardya/IMProtector
Old 32 bit PE executable protector / crypter
Language: C++ - Size: 35.2 KB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 14 - Forks: 8

VirtualAlllocEx/Shell-we-Assembly
Shellcode execution via x86 inline assembly based on MSVC syntax
Language: C++ - Size: 26.4 KB - Last synced at: 11 days ago - Pushed at: about 2 years ago - Stars: 13 - Forks: 5

Workaholic9/FUD-Crypter-Bypass-Windows-Defender
Origami Crypter with an updated version of the stub that bypasses windows defender.
Size: 4.47 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 12 - Forks: 1

YuVUwU/pdf-exploit
FUD PDF EXPLOIT SOURCE CODE
Language: Python - Size: 2.07 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 11 - Forks: 0

v-lavrentikov/obfuscator
Binary obfuscation, anti-reversing, anti-debugging and av-bypass framework for Windows
Language: Go - Size: 41 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 10 - Forks: 1

x0reaxeax/KillHandles
Closes handles of a remote process in attempt to crash it
Language: C - Size: 8.79 KB - Last synced at: 11 days ago - Pushed at: about 2 years ago - Stars: 10 - Forks: 2

Vasco0x4/ShellLoader_Hub
Shellcode Loader Library.
Size: 9.77 KB - Last synced at: about 2 months ago - Pushed at: 5 months ago - Stars: 9 - Forks: 1

Lucas310302/Coin-Nest
XMR Miner Malware
Language: Python - Size: 6.48 MB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 7 - Forks: 3

VirtualAlllocEx/Create_Thread-Inline_Assembly_x86_Fibers
This POC provides the ability to execute x86 shellcode in the form of a .bin file based on x86 inline assembly and execution over fibers
Language: C++ - Size: 466 KB - Last synced at: 4 days ago - Pushed at: about 2 years ago - Stars: 7 - Forks: 4

Atlas595/AtlasCrypt
Windows Crypter and loader FUD (Good antivirus and windows defender evasion tool)
Size: 0 Bytes - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 6 - Forks: 0

EvilBytecode/veh-syscalls-shellcode
NFS
Size: 7.81 KB - Last synced at: 13 days ago - Pushed at: about 1 month ago - Stars: 4 - Forks: 2

mauricelambert/ReverseShell
This package implements an advanced reverse shell console (supports: TCP, UDP, IRC, HTTP and DNS).
Language: Python - Size: 95.7 KB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 4 - Forks: 2

shaddy43/XOR_Shellcode_Encryptor
This repository contains xor shellcode encryptor that is used to bypass static or signature based detection of malicious shellcodes for Process Injection exploits
Language: C# - Size: 5.86 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 3

JenarGithub76/payload-obfuscator
A Python-based tool for studying and practicing Windows PE binary obfuscation techniques.
Size: 1000 Bytes - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 3 - Forks: 0

oldkingcone/Tucker
Like the chimera of Nina Tucker, PHP based local enumeration of windows systems.
Language: PHP - Size: 26.4 KB - Last synced at: 10 days ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0

OlivierLaflamme/custom_binary_for_reverseshell
custom binary reverseshell in C#
Language: C# - Size: 2.93 KB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 3 - Forks: 1

h1ack/M-NGen
Size: 2.17 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

VBV11/WinRM-Reverse-Shell
WinRM Reverse Shell Using Powershell.
Language: PowerShell - Size: 45.9 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

24greyhat/Hips
Hidden in plain sight! simple yet effective covert way to obfuscate data (e.g., shellcode), no one will tell gibberish from malicious!
Language: Python - Size: 1000 Bytes - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 2

bobby-tablez/Heuristic-Confuser
Sandbox/Heuristic PowerShell Bypass
Language: PowerShell - Size: 3.91 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 0

Queered/FUD-ReverseShell
IRC likely reverse shell
Language: JavaScript - Size: 43 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 1

Koray123-debug/The-Titan-Crypter
Size: 13.7 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 1 - Forks: 0

m0rd3caii/goRAT
This Remote Access Tool (RAT), built with Go, is controlled via a Discord bot. The bot connects to a target machine and allows remote control through Discord commands.
Language: Go - Size: 21.7 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

noderaven/payload-obfuscator
A Python-based tool for studying and practicing Windows PE binary obfuscation techniques.
Language: Python - Size: 132 KB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

UniversDevs/UniversalCrypter
Best Free Open Source FUD Crypter
Language: Visual Basic .NET - Size: 1.03 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

xiosec/Evil-MSCLR
Evil-MSCLR is a tool to load ShellCode and execute commands via the CLR feature in MSSQL.
Language: Go - Size: 3.97 MB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

DragonRaaS/Dragon-Ransomware
New Ransomware bypassing EDR, AVs, UAC, Sandboxes.
Language: C# - Size: 1.95 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

Vandan8123/The-Titan-Crypter
The-Titan-Crypter is a powerful tool designed to encrypt and obfuscate executable files, enhancing their security against detection. It provides users with a straightforward interface to customize settings and improve the stealth of their applications.
Size: 6.84 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

JuanGalindo96/Crypter-FUD
Crypter v2.0 is an encryption tool that encrypts your files using a strong encryption algorithm. With this tool you can give the impression that your infected files are not infected. With Crypter v2.0 you can obfuscate your files.
Language: Visual Basic .NET - Size: 139 KB - Last synced at: 26 days ago - Pushed at: 27 days ago - Stars: 0 - Forks: 0

Malforge-Maldev-Public-Organization/AV-Evasion-with-XOR-Encryption
Technique for AV evasion using XOR encryption to obfuscate payloads.
Language: C - Size: 5.86 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

FUDCrypter-ue/Apk-Crypter
Android FUD • Apk Crypter - t.me/TheCyberdemons • T.me/XVirtuo
Size: 1.7 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 1

EducationaSites/UniversalCrypter
Best Free Open Source FUD Crypter
Size: 1000 Bytes - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

Xyle0/FUD-Crypter-Undetectable-360-Chinese-Antivirus-Bypass-with-Xyle-Shield-Advanced-AV-Evasion
360 Chinese Antivirus Bypass
Language: C# - Size: 0 Bytes - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

VEN0MTOOLS/VENOM-FUD-CRYPTER-SOFTWARE
FUD Crypter is an encryption tool. You can make FUD your files to bypass antiviruses "Windows Defender AMSI" etc. Also you can protect your own codes with FUD Crypter 2024. You can get FUD Results with Crypter FUD 2024 on Scantime and Runtime. Your file will be secure with our encryption.
Size: 5.86 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

ByteCorum/Py-Shield
Tool/Library for Python used to obfuscate and protect your code from decompilation, reverse debug, etc. Also, can prevent detection by antiviruses.
Language: Python - Size: 743 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

mev438/Eagle-Crypter
Eagle Crypter | Advanced Android Malware Obfuscator
Size: 1.95 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0

ujz948/Eagle-Crypter
Eagle Crypter | Advanced Android Malware Obfuscator
Size: 4.88 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0

natekali/Pazuzu-Locker
next-gen crypto locker - not for illegal purpose
Language: Python - Size: 6.84 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

digilolnet/pint-c2
eBPF evading C2
Language: Python - Size: 18.6 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

UniversDevz/UniversalCrypter
Best Free Open Source Crypter
Language: Visual Basic .NET - Size: 882 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

New-Codar/Fud-Crypter-by-New-Coder
Welcome to the realm of undetectable Fud Me NC Crypter! Below, you'll find all the essential details to wield the power of Fud Me NC Crypter v2.2 and bypass over 60 antivirus programs with sheer audacity.
Size: 694 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 1

Popps000/NET-XU.shell
NET-XU.shell is a tool that allows you to create reverse shells and automates the execution of shell commands.
Language: Shell - Size: 1.57 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

demonprosersson/F1RE-Windows-Crypter
Size: 1.95 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

KlausMueller1996/Metasploit_GenericEncoders
Collection of Generic Metasploit Encoder to avoid AV RegEx Pattern Matching
Language: Ruby - Size: 19.5 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0
