PoC for http://www.hexacorn.com/blog/2020/03/29/hiding-process-creation-and-cmd-line-with-a-long-com/ (C++, updated May 1, 2020)
Packer (actually a crypter) for antivirus evasion, implemented for Windows PE files (BSc thesis).
Enumerate and disable common sources of telemetry used by AV/EDR.
InviZzzible is a tool for assessing your virtual environments in an easy and reliable way. It contains the most recent and up-to-date detection and evasion techniques, as well as fixes for them.
A simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of the beacon's built-in Sleep() call, so the thread never parks in a wait state. Most of the structure (e.g. the Sleep hook and shellcode execution) is taken from mgeeky's https://github.com/mgeeky/ShellcodeFluctuation.
Reduce dynamic-analysis detection rates with built-in unhooker, anti-analysis and string-obfuscator modules.
Anti-forensics tool for red teamers, used for erasing footprints in the post-exploitation phase.
Repository to publish your evasion techniques and contribute to the project
Using C++23 compile-time magic to produce obfuscated PIC (position-independent) strings and arrays, so the plaintext never lands in the binary's data section.
Just another process dumping tool for Windows, supporting network delivery and snapshots
Unhook ntdll.dll (Go and C++).