Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods (by optiv)
NSGenCS
Extendable payload obfuscation and delivery framework (by t3hbb)
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Freeze
Posts with mentions or reviews of Freeze.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-04-16.
- Red team engagement help!
- Bypassing Windows Defender 2023
  At the moment I am trying to obfuscate a Cobalt Strike exe beacon. I tried with https://github.com/optiv/Freeze and with a custom shellcode loader (encrypted in AES) in C++ but I didn't have any luck.
- Freeze - a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
- Freeze - Payload Generation Toolkit for Bypassing EDR
- Freeze: Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods on Windows
NSGenCS
Posts with mentions or reviews of NSGenCS.
We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-04-16.
- Red team engagement help!
  Never failed to get execution on target using this https://github.com/t3hbb/NSGenCS
- NSGenCS: Extendable payload obfuscation and delivery framework
What are some alternatives?
When comparing Freeze and NSGenCS you can also consider the following projects:
SigThief - Stealing Signatures and Making One Invalid Signature at a Time
Limelighter - A tool for generating fake code signing certificates or signing real ones
ScareCrow - Payload creation framework designed around EDR bypass.
AceLdr - Cobalt Strike UDRL for memory scanner evasion.
EDRs
aes_dinvoke - a repository that contains the program.cs source file that has D/Invoke bare minimum implementation and AES encryption for shellcode execution
go - The Go programming language
CarbonCopy - A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux