Acheron Acheron is a library inspired by SysWhisper3/FreshyCalls/RecycledGate, with most of the functionality implemented in Go assembly. acheron...
Exploitation
Hades Hades is a proof-of-concept loader that combines several evasion techniques with the aim of bypassing the...
Discord Voice Channel C2 aka DCVC2 This multi-operating system-compatible tool was created to leverage Discord’s voice channels...
AtomLdr: A DLL loader with evasive features Features: CRT library independent. The final DLL file, can run...
Kubestroyer Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes...
Bypass Sandbox Evasion Sandboxes are commonly used to analyze malware. They provide a temporary, isolated, and secure...
Fiber A fiber is a unit of execution that must be manually scheduled by the application rather...
KILLER TOOL (EDR Evasion) It’s an AV/EDR Evasion tool created to bypass security tools for learning, until...
BROPPER An automatic Blind ROP exploitation python tool Abstract BROP (Blind ROP) was a technique found by...
APCLdr: Payload Loader With Evasion Features Features: no crt functions imported indirect syscalls using HellHall api hashing using...
Invoke-PSObfuscation Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression....
Shoggoth Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode,...
HWSyscalls HWSyscalls is a new method to execute indirect syscalls using 3 main components: Hardware breakpoints and...
RedditC2 Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit,...
SilentMoonwalk SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to...