18 skills found
paranoidninja / CarbonCopy: A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux
dsnezhkov / Zombieant: Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
cocomelonc / Mdmz Book: The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware
dr34mhacks / ExecEvasion: ExecEvasion is a lightweight execution-evasion toolkit that generates command variants designed to bypass naive filters and WAF rules by leveraging real shell parsing behavior on Linux and Windows.
ShellCode33 / VM Detection: Linux and Windows VMs evasion fully written in Go
zimnyaa / LEOPARDSEAL: A simple Linux in-memory .so loader
codewhitesec / Apollon: Proof-of-Concept to evade auditd by writing /proc/PID/mem
captain-woof / Hydrangea C2 Payloads: A cross-platform, collaborative C2 for red-teaming. Agents are cross-compilable (e.g., you can generate Windows DLLs on Linux), cross-compatible, and built with evasion, anti-analysis and stability in mind. All capabilities are natively implemented from scratch.
melotic / Nanostorm: An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
codewhitesec / Daphne: Proof-of-Concept to evade auditd by tampering via ptrace
ExRecon / Exrecon: ExRecon – An advanced, TOR-routed Nmap automation framework for Kali Linux. Supports modular multi-scan recon, firewall evasion, Nikto web audits, and human-readable reporting with delta analysis. Built for stealth and operational security in red teaming, pen testing, and OSINT workflows.
gotr00t0day / Linux Malware Evasion Techniques: Linux malware evasion techniques
Pwn3rx0 / Linux Loader: A lightweight, modular shellcode loader for Linux with triple XOR encryption and modern evasion techniques.
JohnWoodman / Linux Rootkit: A Linux-based rootkit designed with advanced kernel-level evasion techniques. This is the Senior Project repository for John Woodman, Owen Flannagan, and Brandon Stacy.
captain-woof / Hydrangea C2: A cross-platform, collaborative C2 for red-teaming. Agents are cross-compilable (e.g., you can generate Windows DLLs on Linux), cross-compatible, and built with evasion, anti-analysis and stability in mind. All capabilities are natively implemented from scratch.
Kinyas-tr / VENOM 1.0.16 Metasploit Shellcode Generator Compiller: Version release: v1.0.16. Author: pedro ubuntu [ r00t-3xp10it ]. Codename: Aconite (Aconitum napellus). Distros supported: Linux Ubuntu, Kali, Mint, Parrot OS. Suspicious-Shell-Activity (SSA) RedTeam develop @2019.

LEGAL DISCLAIMER
The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. So use this tool responsibly.

FRAMEWORK DESCRIPTION
The script will use msfvenom (metasploit) to generate shellcode in different formats ( C# | python | ruby | dll | msi | hta-psh | docm | apk | macho | elf | deb | mp4 | etc ), injects the generated shellcode into one template (example: python) "the python function will execute the shellcode into ram" and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file. It also starts a multi-handler to receive the remote connection (shell or meterpreter session). 'venom generator' reproduces some of the techniques used by Veil-Evasion.py, unicorn.py, powersploit.py, etc.

HOW DO I DELIVER MY PAYLOADS TO TARGET HOST?
venom 1.0.11 (malicious_server) was built to take advantage of apache2 webserver to deliver payloads (LAN) using a fake webpage written in html that takes advantage of <iframe>, <meta-http-equiv> or <form> tags to be able to trigger payload downloads, the user just needs to send the link provided to target host. "Apache2 (malicious url) will copy all files needed to your webroot, and starts apache for you."

DEPENDENCIES
Zenity | Metasploit | GCC (compiler) | Pyinstaller (compiler) | mingw32 (compiler) | pyherion.py (crypter) | wine (emulator) | PEScrambler.exe (PE obfuscator) | apache2 (webserver) | winrar (wine) | shellter (KyRecon) | vbs-obfuscator (obfuscator) | avet (Daniel Sauder) | ettercap (MitM + DNS_Spoofing) | icmpsh (ICMP shell) | openssl (build SSL certs) | CarbonCopy (sign exe binaries) | ResourceHacker (wine) | NXcrypt (python crypter)
"venom.sh will download/install all dependencies as they are needed". Additionally, the script venom-main/aux/setup.sh was built to help you install all framework dependencies fast and easy. We just need to install the most important dependencies first, before triggering setup.sh: zenity, metasploit, ettercap ..

DOWNLOAD/INSTALL
1º - Download framework from github
    git clone https://github.com/r00t-3xp10it/venom.git
2º - Set execution permissions
    cd venom-main
    sudo find ./ -name "*.sh" -exec chmod +x {} \;
    sudo find ./ -name "*.py" -exec chmod +x {} \;
3º - Install all dependencies
    cd aux && sudo ./setup.sh
4º - Run main tool
    sudo ./venom.sh

Update venom installation (compare local version against github official version)
    sudo ./venom.sh -u

Detailed info about release 1.0.16: https://github.com/r00t-3xp10it/venom/releases
farinap5 / Linux Injection: My collection of research and tools on post-exploitation and evasion against linux environments.
Excalibra / Scripts: Platform: Windows/Mac/Linux. Scripting: Various, no restrictions; customized as needed. Tasks: Desktop checks, software cracking, AV evasion, privilege execution, firmware read/write, password checks, Wi-Fi scans, cloud security, log analysis, NLP, and data analysis in humanities/social sciences.