Projects in Awesome Lists by EvilBytecode

https://github.com/evilbytecode/godefender

Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

anti-cracking anti-debug anti-vm debugger debugging malware protection reverse-engineering

Last synced: 14 Apr 2025

https://github.com/EvilBytecode/GoDefender

Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

anti-cracking anti-debug anti-vm debugger debugging malware protection reverse-engineering

Last synced: 04 Apr 2025

https://github.com/evilbytecode/goredops

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.

go golang hacking malware malware-development offensive-security red-team redteaming security windows

Last synced: 08 Apr 2025

https://github.com/EvilBytecode/GoRedOps

🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.

go golang hacking malware malware-development offensive-security red-team redteaming security windows

Last synced: 31 Jan 2025

https://github.com/evilbytecode/edr-xdr-av-killer

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

Last synced: 12 Apr 2025

https://github.com/EvilBytecode/EDR-XDR-AV-Killer

Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver

Last synced: 04 Apr 2025

https://github.com/evilbytecode/lifetime-amsi-etwpatch

Two in one, patch lifetime powershell console, no more etw and amsi!

amsi amsi-bypass amsi-evasion amsi-patch etw etw-bypass etw-evasion fud pentesting red-teaming

Last synced: 02 Jan 2025

https://github.com/evilbytecode/pydefender

Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package.

anti-sandbox anti-virtualization anti-virtualmachine anti-vm antidebug antidebugging protect protection python

Last synced: 12 Apr 2025

https://github.com/evilbytecode/payloadcrypter

Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages.

antivirus-evasion av-evasion crypter evasion fud go golang hacking linux payload-crypt payload-crypter red red-team red-tools

Last synced: 12 Apr 2025

https://github.com/evilbytecode/lifetime-amsibypass

Lifetime AMSI bypass.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/keylogger

Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense.

educational-project grabber keylogger keylogger-stealer pentesting red-teaming stealer

Last synced: 12 Apr 2025

https://github.com/evilbytecode/ppid-spoofing

Parent Process ID Spoofing, coded in CGo.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/sryxen

Sryxen aka ThunderKitty.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/nyx-full-dll-unhook

(EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.

av av-evasion dll-unhooking edr-evasion evasion fud

Last synced: 12 Apr 2025

https://github.com/evilbytecode/thunderkitty-ransomware

Ransomware written in go, encrypt - decrypt.

fud go golang pentesting ransomware red-team virus

Last synced: 12 Apr 2025

https://github.com/EvilBytecode/Evilbytecode-Shellcode-Go-Tactics

A mutliple tactics to execute shellcode in go :}

evasion fud shellcode shellcode-injection shellcode-injector shellcode-loader shellcode-runner ud

Last synced: 26 Apr 2025

https://github.com/evilbytecode/evilbytecode-shellcode-go-tactics

A mutliple tactics to execute shellcode in go :}

evasion fud shellcode shellcode-injection shellcode-injector shellcode-loader shellcode-runner ud

Last synced: 15 Apr 2025

https://github.com/evilbytecode/golangstyle

GolangStyle, best looking go library.

cli color color-library console-application go go-package golang package

Last synced: 12 Apr 2025

https://github.com/evilbytecode/evil-go

A malicous Golang Package

av evasion evil fud grabber red red-teaming stealer teaming

Last synced: 12 Apr 2025

https://github.com/evilbytecode/ntdll-unhook

Unhook Ntdll.dll, Go & C++.

av edr-bypass edr-evasion evasion fud ntdll-unhooking

Last synced: 15 Feb 2025

https://github.com/evilbytecode/ps2bat

A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/goevildocs

Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/ssnretrieval

Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name, SSN, and address.

av ebyte evasion fud ssn ssn-retrieval

Last synced: 12 Apr 2025

https://github.com/evilbytecode/enable-all-tokens

Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a Windows operating system. This project can be particularly useful for developers and system administrators who need to programmatically enable various system privileges for their applications.

go golang privilege-escalation privileged-access-api privileged-access-management winapi windowsapi

Last synced: 12 Apr 2025

https://github.com/evilbytecode/rubyredops

💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby

Last synced: 12 Apr 2025

https://github.com/evilbytecode/ebyte-shellcode-loader

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

av-evasion evasion fud indirect-syscall indirect-syscalls shellcode shellcode-laoder shellcode-runner

Last synced: 15 Apr 2025

https://github.com/evilbytecode/getsyscallstubgo

GetSyscallStubCGo.

Last synced: 15 Feb 2025

https://github.com/evilbytecode/powershell-persistance

Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do not take any responsibility for its use or any actions taken.

edr edr-bypass edr-evasion fud pentesting persistance win-api

Last synced: 12 Apr 2025

https://github.com/evilbytecode/edr-xdr-av-bypass-shellcode-loader

Bypassing Major EDR's with staged shellcode, custom getmodulehandleW and getprocaddress, veh syscalls & more.

Last synced: 15 Feb 2025

https://github.com/evilbytecode/ebyte-vbs-obfuscator-go

VBS-Obfuscator-GO is a Go-based tool designed for obfuscating VBScript (VBS) files. It transforms readable VBScript code into a less recognizable form by employing random variable names and encoding character values using mathematical operations. This helps protect scripts from casual inspection and modification.

av-evasion crypter evasion fud obf obfuscation op payload ud

Last synced: 12 Apr 2025

https://github.com/evilbytecode/keyauth-protected-app-go

Keyauth-Protected-App-Go is a Go-based application that integrates with the KeyAuth API to provide secure user authentication. It comes with built-in anti-debugging and anti-DLL injection features to protect against reverse engineering and unauthorized modifications.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/self-run-pe

Self PE Injector in C++, using NtApi.

Last synced: 12 Apr 2025

https://github.com/evilbytecode/bloxstrap-persistance

Bloxstrap-Persistance modifies Bloxstrap's settings (Settings.json) to add persistent integrations, showcasing how applications can be exploited.

bloxstrap grabber persistence red-team roblox-logger tactics

Last synced: 12 Apr 2025

https://github.com/evilbytecode/batchfile-token-grabber-evilbyte

A new token grabber for discord, open sourced. eductional purpoeses only, Batchfile Stealer, Token Logger, Batchfile Token Grabber.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/batch-deobfuscator

A powershell deobfuscator for batchfile codes that uses chineese letters :)

Last synced: 12 Apr 2025

https://github.com/evilbytecode/malwarebytes-shutdowner

Kill malawarebytes process. Can be ported to any programming language.

av evasion fud kill-process malwarebytes-bypass malwarebytes-kill malwarebytes-patch

Last synced: 12 Apr 2025

https://github.com/evilbytecode/sryxen-stealer-paid-source

It was a great run, but everything must come to an end. Please don’t contact me. Before I go, here’s a final gift :)

discord discord-stealer stealer telegram-stealer-crypto-stealer

Last synced: 10 Apr 2025

https://github.com/evilbytecode/cmd-persistence

PoC, everytime you launch cmd, notepad does aswell (EXAMPLE PROCESS)

Last synced: 12 Apr 2025

https://github.com/evilbytecode/etw-patch

code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).

av-evasion etw etw-bypass etw-evasion etweventwrite evasion fud

Last synced: 12 Apr 2025

https://github.com/evilbytecode/evilbytecode

Last synced: 09 Apr 2025

https://github.com/evilbytecode/d-ntdll-unhook

a simple code to unhook ntdll lol.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/bad-osint

Last synced: 12 Apr 2025

https://github.com/evilbytecode/windkitty-rat

Advanced RAT written in Python language, fully controllable through Discord, WindKitty-RAT Can Control Multiple Clients at once!.

bsod discord discord-c2c discord-grabber discord-grabber-bot discord-logger discord-py discord-rat discord-remote-control discord-stealer grabber-password grabber-token grabber-tool malware python-malware rat startup windkitty windkitty-rat

Last synced: 09 Apr 2025

https://github.com/evilbytecode/anti-debug

Golang Simple Anti Debugger & Anti Http Debugger & Anti Vm. Anti Virtual Machine, Anti Sandboxie.

antidebug antivm

Last synced: 09 Apr 2025

https://github.com/evilbytecode/roblox-cookie-grabber

A new cookie grabber, bypasses no more cookies. Firefox, chrome, edge, vivaldi opera etc.. ROBLOX APIS ONLY

Last synced: 09 Apr 2025

https://github.com/evilbytecode/windkitty-protector

Windkitty, a PowerShell-based PC protector, startup cleanup, Discord injection remover, and optional installation of NoMoreCookies, offering perfect defense against rats and grabbers.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/roblox-qr-code-logger

Utilises Roblox QR Login Feature. IF Scanned User Has Full Access To Account, Scannable QR code!

Last synced: 09 Apr 2025

https://github.com/evilbytecode/cpp-red-ops

C++ Red Opsec, im making this beacuse i want to learn more.

Last synced: 15 Feb 2025

https://github.com/evilbytecode/rosint

Roblox osint, gets some info about user.

Last synced: 15 Feb 2025

https://github.com/evilbytecode/dahood-roblox-optimizer

Removes a Shadows, Textures, Unlocks FPS. Optimizes Game.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/batchfile-deobfuscator

Golang Batchfile Deobfuscator, deobfuscate Chineese or Other Batchfile Methods.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/pythoncrypter

make your python scripts Undetected, Works on virustotal and lot more!

crypter crypter-bypass-wd crypter-defender crypter-fud-2024 crypter-grabber crypter-rat

Last synced: 09 Apr 2025

https://github.com/evilbytecode/powershell-anti-debug

Simple code.. nothing much :).. blocks VM

Last synced: 09 Apr 2025

https://github.com/evilbytecode/rtlsetprocessiscritical

Creating a process that is critical! Attempting to terminate it will trigger a BSOD (Blue Screen of Death). Below are scripts in various languages including PowerShell, C#, Visual Basic, Golang and Python. with potential for additional languages in the future!

critical-process pentesting process-protect process-protection protect-process red-teaming rtlprocess rtlsetprocessiscritical win32

Last synced: 09 Apr 2025

https://github.com/evilbytecode/amsi-bypass

This repo contains Amsi Bypass method.

amsi-bypass amsi-evasion amsi-patch pentesting red-team red-teaming redteam win32

Last synced: 09 Apr 2025

https://github.com/evilbytecode/dpapi

example of dpapi in ruby.. CryptUnprotectData / CryptProtectData

Last synced: 09 Apr 2025

https://github.com/evilbytecode/tria.ge-detection

detection for https://tria.ge / detect tria.ge / tria.ge detection / triage detection

detect-vm detection sandboxie triageservice

Last synced: 09 Apr 2025

https://github.com/evilbytecode/windkitty-powershell-grabber

A Easy and FUD (from virus total) Grabber! Works with discord webhooks.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/ebyte-personal-tools

Some personal tools i use sometiems when developing an go based grabber.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/proxy-scraper

This script is a proxy scraper that automatically retrieves and saves proxies from various sources. It supports HTTP, SOCKS4, and SOCKS5 protocols. The scraped proxies are saved into separate files for each protocol.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/md5-hash-spoofer

spoof md5 hash, evade avs.

Last synced: 09 Apr 2025

https://github.com/evilbytecode/rbstyle

A ruby color library

Last synced: 09 Apr 2025

https://github.com/evilbytecode/gopulzeterminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes. coded in your beloved golang!

antivirus-bypass antivirus-evasion edr-bypass edr-evasion edr-hook edr-killer gopulzeterminator kill-av

Last synced: 09 Apr 2025