Template-Driven AV/EDR Evasion Framework
PE Injection, DLL Injection, Process Injection, Thread Injection, Code Injection, Shellcode Injection, ELF Injection, Dylib Injection, including 400+ tools and 350+ posts
PE loader with various shellcode injection techniques
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
Materials for the workshop "Red Team Ops: Havoc 101"
Some DLL injection techniques in C++ implemented for both x86 and x64 Windows OS processes
Centralized resource for listing and organizing known injection techniques and POCs
A novel way of using NtQueueApcThreadEx for stealthy code injection: abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget.
A C# DLL injection library
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...
An open-source process injection enumeration tool written in C#
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
Source code of exploiting Windows API for red teaming series
A dynamic unpacking tool
Shellcode obfuscation tool to avoid AV/EDR.
x64/x86 shellcode injector
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
Various methods of executing shellcode