av-bypass topic

List av-bypass repositories

Backpack

16
Stars
4
Forks
Watchers

Golang packer that use process hollowing

verified publisher icon Enelg52

Direct-Syscalls-vs-Indirect-Syscalls

159
Stars
20
Forks
Watchers

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

verified publisher icon VirtualAlllocEx

AVEvasionCraftOnline

209
Stars
39
Forks
Watchers

An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.

verified publisher icon yutianqaq

Direct-Syscalls-A-journey-from-high-to-low

127
Stars
20
Forks
Watchers

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

verified publisher icon VirtualAlllocEx

DSC_SVC_REMOTE

50
Stars
10
Forks
Watchers

This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service p...

verified publisher icon VirtualAlllocEx

Create_Thread_Inline_Assembly_x86

15
Stars
8
Forks
Watchers

This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly

verified publisher icon VirtualAlllocEx

ChaiLdr

158
Stars
21
Forks
Watchers

AV bypass while you sip your Chai!

verified publisher icon Cipher7

pdf-exploit

19
Stars
0
Forks
Watchers

You open a pdf but the executable file opens (FUD)

verified publisher icon fctsociety

pdf-exploit

15
Stars
0
Forks
Watchers

FUD PDF EXPLOIT SOURCE CODE

verified publisher icon YuVUwU

Inject-EXE

26
Stars
6
Forks
Watchers

The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both th...

verified publisher icon malwarekid