Binary obfuscation, anti-reversing, anti-debugging and av-bypass framework for Windows
Updated May 30, 2024 - Go
AV bypass while you sip your Chai!
Program/Library for Python created to protect your code from decompilation and detection by antiviruses
An online AV evasion platform written in Springboot (Golang, Nim, C); supports embedded, local and remote loading of shellcode methods.
WinRM Reverse Shell Using Powershell.
Hidden in plain sight! The simplest yet most effectively covert way to obfuscate data (e.g., shellcode), no one can tell gibberish from malicious anymore!
𝔫𝔢𝔵𝔱-𝔤𝔢𝔫 𝔠𝔯𝔶𝔭𝔱𝔬 𝔩𝔬𝔠𝔨𝔢𝔯 - 𝔫𝔬𝔱 𝔣𝔬𝔯 𝔦𝔩𝔩𝔢𝔤𝔞𝔩 𝔭𝔲𝔯𝔭𝔬𝔰𝔢
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
AV evading OSX Backdoor and Crypter Framework
The only FREE and 100% FUD crypter that will still FUD, work on Windows. Powerful obfuscator to bypass Anti-Virus detection.
A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educational purposes only.
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
Template-Driven AV/EDR Evasion Framework
XMR Miner Malware
This package implements an advanced reverse shell console (supports: TCP, UDP, IRC, HTTP and DNS).
NTAPI hook bypass with (semi) legit stack trace
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
Closes handles of a remote process in attempt to crash it