Stars
COM ViewLogger — new malware keylogging technique
Extract and execute a PE embedded within a PNG file using an LNK file.
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to their server.
A slightly more fun way to disable Windows Defender + the firewall (through the WSC API).
AV/EDR Evasion Lab for Training & Learning Purposes
Patching "signtool.exe" to accept expired certificates for code-signing.
This project aims to compare and evaluate the telemetry of various EDR products.
A set of fully undetectable process injection techniques abusing Windows thread pools
LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.
Tools and documentation for Win32 app isolation
Kill anti-malware protected processes (BYOVD) (Microsoft won)
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
This map lists the essential techniques to bypass anti-virus and EDR
A tool that shows detailed information about named pipes in Windows
Leaked pentesting manuals given to Conti ransomware crooks
Tools and Techniques for Red Team / Penetration Testing
A POC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass…
Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022
Collection of Cyber Threat Intelligence sources from the deep and dark web
A Python script that embeds a target VBS script into an LNK file; when the LNK is executed, it runs the VBS script from within.
Nidhogg is an all-in-one, simple-to-use Windows kernel rootkit.
A lateral-movement command-execution tool that bypasses anti-virus software