eBook-BypassingAVsByCSharp
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
NativePayload_DNS
C# code for Transferring Backdoor Payloads by DNS Traffic and Bypassing Anti-viruses
NativePayloads
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
NativePayload_Reverse_tcp
Meterpreter Encrypted Payload by C#
Meterpreter_Payload_Detection
Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
NativePayload_CBT
NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)
NativePayload_ReverseShell
This is Simple C# Source code to Bypass almost "all" AVS (Kaspersky v19, Eset v12 v13, Trend-Micro v16, Comodo & Windows Defender Bypassed via this method, Very Simple)
Some_Pentesters_SecurityResearchers_RedTeamers
Some Pentesters, Security Researchers, Red Teamers from whom I learned a lot...
NativePayload_Image
Transferring Backdoor Payloads with BMP Image Pixels
NativePayload_PE1
NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
NativePayload_BSSID
Transferring Backdoor Payload by BSSID and Wireless traffic
NativePayload_DNS2
C# code for Transferring Backdoor Payloads by DNS Traffic (A - PTR Records) and Bypassing Anti-viruses
NativePayload_ARP
C# code for Transferring Backdoor Payloads by ARP Traffic and Bypassing Anti-viruses (Slow)
Videos-BypassingAVsByCSharp
Video files for eBook: "Bypassing AVs by C#.NET Programming"
ETWNetMonv3
ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
NativePayload_IP6DNS
C# code for Transferring Backdoor Payloads by IPv6 Address (AAAA) records and DNS Traffic, also Bypassing Anti-viruses
NativePayload_ICMP
C# code for Transferring Backdoor Payloads by ICMPv4 Traffic and bypassing Anti-Viruses
FakeFileMaker
Social Engineering: Simple way to make a fake file for Backdoors
BEV4
BasicEventViewer4 (BEV v4.0), this code will be useful for All Blue/Purple Teams, RealTime Monitoring Sysmon Events, Mitre Attack Detections via yaml files
NativePayload_HTTP
Data Exfiltration via HTTP Traffic (C# and Shell Script)
NativePayload_ARP2
Simple Script "NativePayload_ARP2.sh" for Sending DATA via ARP Bcast Traffic to all systems in (LAN) by "Vid" tag
NativePayload_Tinjection
Remote Thread Injection by C# + Delegate Techniques
NativePayload_TiACBT
NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)
NativePayload_DIM
NativePayload_DIM Dynamic native dll Injection in Memory, Injecting Native DLL bytes to local Process
NativePayload_DCP
Compiling Csharp in-memory and Execute to bypass AVs
Exfiltration-and-Uploading-DATA-by-DNS-Traffic-AAAA-Records-
Pdf File: Exfiltration and Uploading DATA by DNS Traffic (AAAA Records)
RedbudTree
DNS IPv6 Request Listener (UDP Port 53) for Detecting Exfiltration DATA via IPv6 DNS AAAA Record Requests
eBook_Bypassing-Antiviruses-by-C-Programming-v2.0
Bypassing Anti-viruses by csharp programming v2.0
NativePayload_LocalCreateThread7
Chunking CobaltStrike Payloads + Jump Method
FSWatch
File System Watcher via C# (Monitoring File Activity, Create/Delete/Change/Rename events + some Activity like Size/Attribute/Security Changes & LastAccess, LastWrite etc...)
damonmohammadbagher.github.io
NativePayload_CTX
NativePayload_CTX Create Thread via _beginthreadex function in msvcrt.dll
TCPMon
TCPMon v3.1 or (4.0) was a very old Code which was made by me in C# for Monitoring TCP Connection via Native APIs (was fun in that time ;D)
Payload-hiding-Method-via-Infecting-Target-Process-Memory
NativePayload_TId
Remote Thread Injection by C# Delegate
NativePayload_CDynApp3
Loading Csharp C2 Client-side codes in RAM by Very Simple New Technique to avoid Detection
NativePayload_RefPtr1
NativePayload_RefPtr1 Indirect call csharp method in memory [without call c# method in source code directly]
NativePayload_ASM3
NativePayload_ASM/AsynASM, Injecting Meterpreter Payload bytes into local Process via Delegation Technique [Technique D] + in-memory with delay Changing RWX to X [Bypassing AVs]
NativePayload_MP
C# Backdoor & Mapper/Proxy tool (backdoor & proxy tool working in memory only)
Manifest-Creator
C# tool for making XML report from Network Hosts (report contains: Cpu, Bios, Motherboard, Vga, Sound, Hdd, Ram, Display-Monitor, IpAddress, Os, Users, ...)
NativePayload_DynLCI
NativePayload_DynLCI, Dynamic Local Code Invoke, Injecting Meterpreter Payload bytes into local Process
NativePayload_JMP4
In C# you can use Emit(Opcodes.jmp,TargetMethod) in your codes without writing any asm bytes in code to jump to pointer of TargetMethod or (MethodInfo) to run in-memory via Emit(Opcodes.jmp, method) in system.reflection namespace
BEV3
BasicEventViewer (BEV v3.0), this code will be useful for All Blue Teamers.
DamonMohammadbagher