From b01ff82befdcc6af2afd146e8b25016558f84025 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Wed, 30 Mar 2022 14:34:57 +0700 Subject: [PATCH] Add: VirtualAllocEx/Payload-Download-Cradles to Defense Evasion section --- Offensive.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Offensive.md b/Offensive.md index d6f92b1..4d7bb9b 100644 --- a/Offensive.md +++ b/Offensive.md @@ -1837,6 +1837,10 @@ Some tools can be categorized in more than one category. But because the current Unknow101/FuckThatPacker A simple python packer to easily bypass Windows Defender + + VirtualAlllocEx/Payload-Download-Cradles + This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR in context of download cradle detections. + VirtualAlllocEx/Shellcode-Downloader-CreateThread-Execution This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.
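Review bot: The added description for Payload-Download-Cradles opens with "This are different types of download cradles", which should read "These are different types of download cradles"; the sentence could also be shortened to state what the repository contains, in line with the one-line description on the FuckThatPacker entry above it. The commit subject spells the owner "VirtualAllocEx", while the added entry and the existing Shellcode-Downloader-CreateThread-Execution context line both use "VirtualAlllocEx"; check the spelling against the repository owner so the subject and the entry agree.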