Git Product home page Git Product logo

Aviral Jain's Projects

acheron icon acheron

indirect syscalls for AV/EDR evasion in Go assembly

adcshunter icon adcshunter

Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.

apcldr icon apcldr

Payload Loader With Evasion Features

atlasldr icon atlasldr

Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls

badzure icon badzure

BadZure orchestrates the setup of Azure Active Directory tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.

blackout icon blackout

kill anti-malware protected processes (BYOVD)

bobthesmuggler icon bobthesmuggler

"Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).

bypassav icon bypassav

Documentation about how to bypass AMSI or AV.

cheesetools icon cheesetools

Self-developed tools for Lateral Movement/Code Execution

chimera icon chimera

Automated DLL Sideloading Tool With EDR Evasion Capabilities

cloudpentestcheatsheets icon cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

coercedpotatordll icon coercedpotatordll

Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege

condor icon condor

「🛡️」AVs/EDRs Evasion tool

darkside icon darkside

C# AV/EDR Killer using less-known driver (BYOVD)

darkwidow icon darkwidow

Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing

dkmc icon dkmc

DKMC - Dont kill my cat - Malicious payload evasion tool

edrception icon edrception

A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.

edrsilencer icon edrsilencer

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

espio icon espio

Shellcode obfuscation tool to avoid AV/EDR.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.