ThreadStackSpoofer

Evasion technique

An advanced in-memory evasion technique to hide injected shellcode's memory allocation from scanners and analysts.

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

GitHub

1k stars
28 watching
177 forks
Language: C++
last commit: over 2 years ago

Related projects:

Repository Description Stars
mgeeky/shellcodefluctuation An advanced in-memory evasion technique for hiding malicious code from scanners by fluctuating shellcode's memory protection and encrypting its contents. 957
mgeeky/redwarden A tool to evade detection by security systems and incident responders by manipulating HTTP requests 933
arvanaghi/checkplease A collection of sandbox evasion modules written in various programming languages. 904
kyleavery/aceldr A Cobalt Strike memory scanner evasion technique using code obfuscation and encryption to evade detection. 887
zha0gongz1/desertfox A Go-based tool for loading and executing malicious shellcode while evading anti-virus detection 125
apehex/web3-evasion-techniques A comprehensive repository detailing web3 evasion techniques and their application in malware detection. 4
joshfaust/alaris A low-level shellcode loader that defeats modern EDR systems by utilizing various evasion techniques and encryption. 891
epi052/rustdsplit Re-implements a method to bypass signature-based AV detection by splitting a file into two halves and modifying one byte in each half to evade detection. 35
0xsp-srd/mortar A toolset designed to evade detection by security products and execute malware safely 1,421
rkervella/carbonmonoxide A toolkit for evading endpoint detection and response (EDR) by combining techniques to spoof system properties and inject malicious code. 24
wkl-sec/malleable-cs-profiles A collection of tools to generate and modify shellcode profiles to evade detection in Cobalt Strike 384
hangingsword/houqing A tool for generating and uploading malicious executable files to evade antivirus detection 206
aetsu/offensivepipeline A tool for modifying and building C# tools to evade detection in Red Team exercises 791
mgeeky/stracciatella A tool to bypass security features in PowerShell and create an unmanaged environment for executing malicious code 509
b4rtik/hiddenpowershelldll A PowerShell evasion tool that uses a DLL to bypass security measures and execute a hidden stager 93