execute a PE in the address space of another PE aka process hollowing
-
Updated
Dec 2, 2021 - Go
execute a PE in the address space of another PE aka process hollowing
Sandbox evasion code snippets developped in Golang
A Golang shellcode loader that receives payloads via ICMP packets from a C2 server to bypass firewalls
Go shellcode loader that combines multiple evasion techniques
Fingerprint evasion library for HTTP clients and webdrivers.
File entropy calculator - Golang
Supernova 的中文版和扩展了一些加密方式(ROT, XOR, RC4, AES, CHACHA20, B64XOR, B64RC4, B64AES, B64CHACHA20)
This repo contains a implimentation of the Process Hollowing tehcnique.
Real fucking shellcode encryptor & obfuscator tool
Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages.
code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).
(EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
Add a description, image, and links to the evasion topic page so that developers can more easily learn about it.
To associate your repository with the evasion topic, visit your repo's landing page and select "manage topics."