BLUESPAWN
DripLoader
BLUESPAWN | DripLoader | |
---|---|---|
1 | 6 | |
1,202 | 666 | |
- | - | |
0.0 | 1.8 | |
9 months ago | over 2 years ago | |
C++ | C++ | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
BLUESPAWN
-
Thesis/Project for university
I do a lot of work on an open source anti-virus project (https://github.com/ION28/BLUESPAWN), and we're always looking for new contributors. It's been a great learning experience! Not sure if you need to build something from scratch or not, though.
DripLoader
- Bypassing EDR real-time injection detection logic
- Does anyone know any good x64 shellcode loaders?
- DripLoader: Evasive shellcode loader for bypassing event-based injection detection
- DripLoader - Evasive shellcode loader for bypassing event-based injection detection
- DripLoader: Evasive shellcode loader for bypassing event-based injection detection, without necessarily suppressing event collection - aiming to highlight limitations of event-driven injection identification, and show the need for more advanced memory scanning/smarter local agent inventories in EDR
What are some alternatives?
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
MicroBackdoor - Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]
sliver - Adversary Emulation Framework
donut - Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
RIP - Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
pe_to_shellcode - Converts PE into a shellcode
TelemetrySourcerer - Enumerate and disable common sources of telemetry used by AV/EDR.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
CSharpReflectionWorkshop - The repository that complements the From zero to hero: creating a reflective loader in C# workshop
GUI-for-GoodbyeDPI - Anti Censorship Application
donut - Official Implementation of OCR-free Document Understanding Transformer (Donut) and Synthetic Document Generator (SynthDoG), ECCV 2022