DripLoader
donut
DripLoader | donut | |
---|---|---|
6 | 4 | |
666 | 3,218 | |
- | - | |
1.8 | 0.0 | |
over 2 years ago | about 1 month ago | |
C++ | C | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
DripLoader
- Bypassing EDR real-time injection detection logic
- Does anyone know any good x64 shellcode loaders?
- DripLoader: Evasive shellcode loader for bypassing event-based injection detection
- DripLoader - Evasive shellcode loader for bypassing event-based injection detection
- DripLoader: Evasive shellcode loader for bypassing event-based injection detection, without necessarily suppressing event collection - aiming to highlight limitations of event-driven injection identification, and show the need for more advanced memory scanning/smarter local agent inventories in EDR
donut
-
Bypassing Windows Defender (10 Ways)
The Donut project by TheWover is a very effective Position-Independent shellcode generator from PEs/DLLs. Depending on the input file given, it works different ways. For this PoC I will be using Mimikatz, so let us see how it works at a high level. From a brief look at the code, this would be the main routine of the Donut.exe executable tool:
-
Cannot Load .NET assemblies in memory!
Note that I used the loader from donut and it worked as expected! What am I doing wrong here people?
-
BEST KALI TOOL TO MAKE UNDETECTABLE BACKDOOR 2022?
Donut -- tool to convert (certain, very simple, non-.NET) PE files into shellcode.
- Does anyone know any good x64 shellcode loaders?
What are some alternatives?
MicroBackdoor - Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]
Shhhloader - Syscall Shellcode Loader (Work in Progress)
pe_to_shellcode - Converts PE into a shellcode
vivanewvegas-wabbajack - A Wabbajack port of the Viva New Vegas modding guide.
TelemetrySourcerer - Enumerate and disable common sources of telemetry used by AV/EDR.
CSharpReflectionWorkshop - The repository that complements the From zero to hero: creating a reflective loader in C# workshop
ThreatCheck - Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
donut - Official Implementation of OCR-free Document Understanding Transformer (Donut) and Synthetic Document Generator (SynthDoG), ECCV 2022
obfuscator
Create-Thread-Shellcode-Fetcher - This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.
openmw - OpenMW is an open-source open-world RPG game engine that supports playing Morrowind. Main repo and issue tracker can be found here: https://gitlab.com/OpenMW/openmw/