Skip to content
View evilashz's full-sized avatar
🍊
Focusing
🍊
Focusing
642 followers · 139 following

Achievements

Achievement: Starstruckx2

Achievements

Achievement: Starstruckx2

Organizations

@CBLabresearch

Block or report evilashz

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Stars

Evasion

27 repositories

ASkyeye / DllNotificationInjection

A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.

C++ 6 Updated Aug 14, 2023

JustasMasiulis / xorstr

heavily vectorized c++17 compile time string encryption.

C++ 1,407 198 Updated Nov 19, 2021

outflanknl / Dumpert

LSASS memory dumper using direct system calls and API unhooking.

C 1,576 252 Updated Jan 5, 2021

ConsciousHacker / WFH

Python 433 73 Updated Aug 17, 2022

ASkyeye / LoudSunRun

My shitty attempt at tampering with the callstack based on the work of namazso, SilentMoonWalk, and VulcanRaven

C 5 1 Updated Jun 17, 2023

antonioCoco / SspiUacBypass

Bypassing UAC with SSPI Datagram Contexts

C++ 462 62 Updated Sep 24, 2023

WKL-Sec / Malleable-CS-Profiles

A list of python tools to help create an OPSEC-safe Cobalt Strike profile.

C++ 511 61 Updated May 19, 2025

ASkyeye / BOFRyptor

Assembly 1 Updated Oct 9, 2023

ASkyeye / CoercedPotato

C 3 Updated Oct 9, 2023

Like0x / AddDefenderExclusions-BOF

AddDefenderExclusions Beacon Object File

C 41 3 Updated Jun 25, 2023

kleiton0x00 / Proxy-DLL-Loads

A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.

C 411 55 Updated Jan 11, 2026

ewby / Mockingjay_BOF

Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique

C 158 17 Updated Nov 7, 2023

CymulateResearch / Blindside

Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms

C++ 136 21 Updated Dec 20, 2022

netero1010 / GhostTask

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

C 614 69 Updated Jan 2, 2025

myzxcg / RealBlindingEDR

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...

C++ 1,294 222 Updated Jun 21, 2024

ElliotKillick / LdrLockLiberator

For when DLLMain is the only way

C 424 72 Updated Oct 29, 2024

Yair-Men / Passenger

ProcExp Driver (Ab)use

C++ 22 Updated Dec 28, 2022

gtworek / PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

C 3,483 560 Updated Feb 16, 2026

klezVirus / SilentMoonwalk

PoC Implementation of a fully dynamic call stack spoofer

C++ 922 110 Updated Jul 20, 2024

WithSecureLabs / CallStackSpoofer

A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)

C++ 558 72 Updated Apr 8, 2025

adamyaxley / Obfuscate

Guaranteed compile-time string literal obfuscation header-only library for C++14

C++ 1,282 181 Updated Sep 3, 2025

llxiaoyuan / oxorany

obfuscated any constant encryption in compile time on any platform

C++ 529 95 Updated Apr 25, 2023

netero1010 / EDRSilencer

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

C 1,823 238 Updated Nov 3, 2024

senzee1984 / MutationGate

Use hardware breakpoint to dynamically change SSN in run-time

C++ 280 37 Updated Apr 10, 2024

iamagarre / BadExclusionsNWBO

BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR

C++ 75 12 Updated Feb 9, 2024

optiv / Mangle

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

Go 1,229 169 Updated Aug 18, 2023

xpn / NautilusProject

A collection of weird ways to execute unmanaged code in .NET

C# 172 20 Updated May 4, 2021