etw-bypass

Here are 8 public repositories matching this topic...

thomasxm / BOAZ_beta

Multilayered AV/EDR Evasion Framework

obfuscation code-injection antivirus-evasion payload-generator av-evasion av-bypass red-teaming process-injection boaz pe-packer edr-bypass av-edr-bypass red-teaming-tools etw-bypass red-ream

Updated Sep 3, 2024
C++

BlackSnufkin / NyxInvoke

Star

NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support

rust inline-assembly offensive-security red-team amsi-bypass etw-bypass

Updated Oct 24, 2024
Rust

EvilBytecode / Lifetime-Amsi-EtwPatch

Star

Two in one, patch lifetime powershell console, no more etw and amsi!

pentesting etw fud red-teaming amsi amsi-bypass amsi-evasion etw-evasion amsi-patch etw-bypass

Updated Jun 27, 2024
Go

Chainski / PandaLoader

Star

A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.

obfuscation powershell persistence malware shellcode evasion pe-loader bypass-antivirus crypter shellcode-loader payload-generator xor-encryption redteam shellcode-encoder edr-bypass etw-evasion etw-bypass

Updated Sep 1, 2024
C++

wabzsy / gonut

Star

Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.

golang shellcode donut pe2shellcode amsi-bypass pe2shc etw-bypass wldp-bypass

Updated Jul 29, 2023
Go

0xflux / ETW-Bypass-Rust

Star

Event Tracing for Windows EDR bypass in Rust

rust malware hacking pentesting etw malware-research pentest ethical-hacking red-team pentest-tool redteaming redteam edr ethical-hacking-tools redteam-tools edr-bypass edr-evasion etw-evasion etw-bypass

Updated Jun 9, 2024
Rust

EvilBytecode / ETW-Patch

Star

code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).

etw evasion fud av-evasion etw-evasion etweventwrite etw-bypass

Updated Jun 27, 2024
Go

Chainski / Lifetime-Amsi-EtwPatch

Star

Loads a C# binary in memory within powershell profile, patching AMSI + ETW.

nim powershell etw offensive-security fud red-teaming pentesting-tools amsi-bypass amsi-evasion etw-evasion amsi-patch etw-bypass offensivenim

Updated Jun 27, 2024
Nim

Improve this page

Add a description, image, and links to the etw-bypass topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the etw-bypass topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

etw-bypass

Here are 8 public repositories matching this topic...

thomasxm / BOAZ_beta

BlackSnufkin / NyxInvoke

EvilBytecode / Lifetime-Amsi-EtwPatch

Chainski / PandaLoader

wabzsy / gonut

0xflux / ETW-Bypass-Rust

EvilBytecode / ETW-Patch

Chainski / Lifetime-Amsi-EtwPatch

Improve this page

Add this topic to your repo