Template-Driven AV/EDR Evasion Framework
Updated Nov 3, 2023 - Assembly
PE Injection, DLL Injection, Process Injection, Thread Injection, Code Injection, Shellcode Injection, ELF Injection, Dylib Injection, including 400+ tools and 350+ posts
PE loader with various shellcode injection techniques
🐟 PoC of a VBA macro spawning a process with a spoofed parent and command line.
Materials for the workshop "Red Team Ops: Havoc 101"
Some DLL injection techniques in C++, implemented for both x86 and x64 Windows processes
Multilayered AV/EDR Evasion Framework
A novel use of NtQueueApcThreadEx for stealthy code injection: the ApcRoutine and SystemArgument[0-3] parameters are abused, with a random `pop r32; ret` gadget passed as the APC routine instead of a real callback.
Centralized resource for listing and organizing known injection techniques and POCs
A C# DLL injection library
An open-source process injection enumeration tool written in C#
A dropper PoC focused on EDR evasion: ntdll unhooking followed by loading an in-memory copy of ntdll that is embedded as shellcode (converted with pe2shc by @hasherezade), payload encryption via the undocumented SystemFunction033 (RC4) API, and execution without creating a new thread by using a fiber.
Kernel security driver that blocks past, current and future process injection techniques on the Windows operating system.
Source code for the "Exploiting Windows API for Red Teaming" series
A dynamic unpacking tool
x64/x86 shellcode injector
Shellcode obfuscation tool to avoid AV/EDR.
Process Injection Techniques with Golang
Various methods of executing shellcode
Threadless shellcode injection tool