itsMe
Posted June 15, 2023

It's an AV/EDR Evasion tool created to bypass security tools for learning, until now the tool is FUD.

Features:

- Module Stomping for Memory scanning evasion
- DLL Unhooking by fresh ntdll copy
- IAT Hiding and Obfuscation & API Unhooking
- ETW Patching for bypassing some security controls
- Included sandbox evasion techniques & Basic Anti-Debugging
- Fully obfuscated (Functions - Keys - Shellcode) by XOR-ing
- Shellcode reversed and Encrypted
- Moving payload into hollowed memory without using APIs
- GetProcAddress & GetModuleHandle Implementation by @cocomelonc
- Runs without creating new thread & Supports x64 and x86 arch