Lists (1)
Stars
Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
Implementing the ghostly hollowing PE injection technique using tampered syscalls.
Simulate the behavior of AV/EDR for malware development training.
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.
Enumerating and removing kernel callbacks using signed vulnerable drivers