Awesome-Mirrors/my-infosec-awesome
1
0
Fork 0
mirror of https://github.com/pe3zx/my-infosec-awesome.git synced 2025-01-20 20:41:54 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add: mgeeky/Stracciatella to Defense Evasion section

Browse Source
This commit is contained in:
pe3zx 2021-08-22 17:51:28 +07:00
parent b7cbbf1011
commit e3324458b2
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Offensive.md
View File

@ -1146,6 +1146,16 @@ Some tools can be categorized in more than one category. But because the current
<td><a href="https://github.com/matterpreter/SHAPESHIFTER">matterpreter/SHAPESHIFTERmatterpreter/SHAPESHIFTER</a></td>
<td>Companion PoC for the "Adventures in Dynamic Evasion" blog post</td>
</tr>
<tr>
<td><a href="https://github.com/mdsecactivebreach/Chameleon">mdsecactivebreach/Chameleon</a></td>
<td>Chameleon: A tool for evading Proxy categorisation</td>
</tr>
<tr>
<td><a href="https://github.com/mdsecactivebreach/firewalker">mdsecactivebreach/firewalker</a></td>
<td>This repo contains a simple library which can be used to add FireWalker hook bypass capabilities to existing
code</td>
</tr>
<tr>
<td><a href="https://github.com/med0x2e/NoAmci">med0x2e/NoAmci</a></td>
<td>Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().</td>
@ -1155,13 +1165,8 @@ Some tools can be categorized in more than one category. But because the current
<td>SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.</td>
</tr>
<tr>
<td><a href="https://github.com/mdsecactivebreach/Chameleon">mdsecactivebreach/Chameleon</a></td>
<td>Chameleon: A tool for evading Proxy categorisation</td>
</tr>
<tr>
<td><a href="https://github.com/mdsecactivebreach/firewalker">mdsecactivebreach/firewalker</a></td>
<td>This repo contains a simple library which can be used to add FireWalker hook bypass capabilities to existing
code</td>
<td><a href="https://github.com/mgeeky/Stracciatella">mgeeky/Stracciatella</a></td>
<td>OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup</td>
</tr>
<tr>
<td><a href="https://github.com/nccgroup/demiguise">nccgroup/demiguise</a></td>