- RedOps GmbH
- https://redops.at/en/knowledge-base
- @VirtualAllocEx
Popular repositories
- DEFCON-31-Syscalls-Workshop (Public): Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
- Payload-Download-Cradles (Public): These are different types of download cradles which should be an inspiration to play with and create new download cradles to bypass AV/EPP/EDR in the context of download cradle detections.
- Create-Thread-Shellcode-Fetcher (Public): This POC gives you the possibility to compile a .exe to completely avoid static detection by AV/EPP/EDR of your C2 shellcode and to download and execute your C2 shellcode which is hosted on your (…
- Direct-Syscalls-vs-Indirect-Syscalls (Public): The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls.
- Direct-Syscalls-A-journey-from-high-to-low (Public): Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
- Taskschedule-Persistence-Download-Cradles (Public): Depending on the AV/EPP/EDR, creating a Taskschedule job with a default cradle is often flagged.