Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Updated Jan 19, 2024 - C
🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
🌟[NEW] Log by Telegram+Clipper ✅ [0/70] FUD Stealer can bypass all antivirus. (Our Grabber can grab: Wallets, Passwords, Credit Cards, Cookies, Autofills, all Discord tokens and info, Telegram, Twitter, TikTok, Twitch, Spotify, Riot Games, Reddit, Roblox, and Steam, plus backup codes (2FA/A2F).) 🔑 ⚠Disclaimer: We're not liable for any damages caused.
A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educational purposes only.
How to bypass Windows Defender by forcing UAC
Red Teaming Tactics and Techniques
A simple, obfuscated in-memory injection script written in PowerShell that bypasses Windows Defender
Windows RAT w/ antivirus bypass.
Generate obfuscated PowerShell commands using XOR logic with random keys!
Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Modifies Discord Client, Etc.) Disclaimer: We are not responsible for any damages this software may cause after being acquired. This software was made for personal education and sandbox testing. Topics: bot, discord, logger, discordapp
WinRM reverse shell using PowerShell.
Antimalware Scan Interface (AMSI) DLL bypass
Actively captures the host computer's clipboard content. Logs keystrokes to a readable text log. Takes a screenshot of the host computer on every mouse click. Encrypts all logs and images created by the tool. The Python code itself is encrypted to hinder detection by antivirus software.
Repository to publish your evasion techniques and contribute to the project
Contact me to transform any payload into a FUD piece of malware.
EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (notify routine callbacks, object callbacks and the ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
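The "obfuscated PowerShell commands using XOR logic with random keys" entry above names the one technique in this list that is simple enough to show end to end. The following Python is an added example, not the code of that repository or of any other project listed here: it builds such a launcher with a fresh random key, and on the analyst side recovers the command twice, once from the key embedded in the stub and once from byte frequency alone, which works because single-byte XOR over UTF-16 text leaks the key through every zero high byte. The stub layout, the function names and the sample commands are assumptions of this example.

```python
"""XOR-obfuscated PowerShell launcher: generator and analyst-side recovery.

Added example; not any listed repository's own code. The stub format (a
one-liner that Base64-decodes a byte array, XORs it with a single-byte key
and passes the result to Invoke-Expression) is an assumption of this example.
"""
import base64
import re
import secrets
from collections import Counter
from typing import Optional, Tuple


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of `data` with the single-byte `key`."""
    return bytes(b ^ key for b in data)


def obfuscate(command: str, key: Optional[int] = None) -> str:
    """Return a PowerShell one-liner that decodes and runs `command`.

    A random key in 1..255 is drawn when none is given, so the same command
    yields a different ciphertext on every call; that is all the randomness
    buys, since the key itself is shipped inside the launcher.
    """
    if key is None:
        key = secrets.randbelow(255) + 1  # never 0: XOR with 0 is the identity
    if not 1 <= key <= 255:
        raise ValueError("key must be in 1..255")
    # PowerShell's Unicode encoding is UTF-16-LE, so encode the same way.
    enc = base64.b64encode(xor_bytes(command.encode("utf-16-le"), key)).decode()
    return (
        f"$k={key};$b=[Convert]::FromBase64String('{enc}');"
        "for($i=0;$i -lt $b.Length;$i++){$b[$i]=$b[$i] -bxor $k};"
        "IEX([Text.Encoding]::Unicode.GetString($b))"
    )


# Matches the key and the Base64 blob in a stub produced by obfuscate().
STUB_RE = re.compile(r"\$k=(\d+);\$b=\[Convert\]::FromBase64String\('([A-Za-z0-9+/=]+)'\)")


def parse_stub(stub: str) -> Tuple[int, bytes]:
    """Extract (key, ciphertext) from a launcher string."""
    m = STUB_RE.search(stub)
    if not m:
        raise ValueError("not a recognised XOR stub")
    return int(m.group(1)), base64.b64decode(m.group(2))


def deobfuscate(stub: str) -> str:
    """Analyst path 1: the key is in the stub, so just apply it."""
    key, cipher = parse_stub(stub)
    return xor_bytes(cipher, key).decode("utf-16-le")


def recover_key(cipher: bytes) -> int:
    """Analyst path 2: infer the key without reading it from the stub.

    ASCII text encoded as UTF-16-LE has a 0x00 high byte for every
    character; 0x00 XOR key == key, so the most frequent ciphertext byte
    is the key whenever the plaintext is mostly ASCII.
    """
    return Counter(cipher).most_common(1)[0][0]


def crack(stub: str) -> str:
    """Recover the command using only the ciphertext blob, ignoring $k."""
    _, cipher = parse_stub(stub)
    return xor_bytes(cipher, recover_key(cipher)).decode("utf-16-le")


if __name__ == "__main__":
    sample = "Get-Process | Where-Object CPU -gt 100"  # constructed sample command
    launcher = obfuscate(sample)
    print(launcher)
    print("embedded key ->", deobfuscate(launcher))
    print("frequency   ->", crack(launcher))
```

The same launcher text never repeats across runs, which is what defeats a literal string signature; it does nothing against a detector that looks for the `FromBase64String`/`-bxor`/`IEX` shape, or against AMSI, which sees the decoded command at `Invoke-Expression` time.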