Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

🌟[NEW] Log by Telegram+Clipper ✅ [0/70] FUD Stealer can bypass all antivirus (Our Grabber can grabs: Wallets, Passwords, Credit Card, Cookies, Autofills, All Discord Token and info, Telegram, Twitter, TikTok, Twitch, Spotify, Riot Games, Roblox, Steam, Wallet Injection and Backup code ( 2fa/a2f ). 🔑 ⚠Disclaimer: We're not liable for caused damage

What AV? 一款轻量级的杀软在线识别的项目，持续更新ing

🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.

A simple and stealthy reverse shell written in Nim that bypasses Windows Defender detection. This tool allows you to establish a reverse shell connection with a target system. Use responsibly for educational purposes only.

ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过

The provided Python program, Inject-EXE.py, allows you to combine a malicious executable with a legitimate executable, producing a single output executable. This output executable will contain both the malicious and legitimate executables.

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

How to bypass windows defender by forcing uac

𝐀 𝐕 𝐊 𝐈 𝐋 𝐋 𝐄 𝐗 𝐄 𝐂

Red Teaming Tactics and Techniques

Generate obfuscated PowerShell commands using XOR logic with random keys!

The most powerful stealer written in Python 3 and packed with a lot of features.

Bypass Windows Defender with a persistent staged reverse shell using C code & metasploit framework

Hybrid Encryption Dropper with HWID system.

A simple, obfuscated in-memory injection script written in PowerShell that bypasses Windows Defender

Anti Malware Scan Interface (DLL) Bypass

Windows RAT w/ antivirus bypass.

WinRM Reverse Shell Using Powershell.

Repository to publish your evasion techniques and contribute to the project