Not The Hidden Wiki
- UPX - link
- The Enigma Protector - link
- Rust BOF - link
- Litcrypt - link
- Spartacus: Dll/COM Hijacking - link
- AMSI Bypass - link
- Coercer - link
- Shellter Project - link
- AV Evasion Techniques - link
- A fully configurable and extendable Bash obfuscation framework - link
- VMP Protect - link
- FUD UUID Shellcode - link
- darkarmour: a tool to detect and evade common antivirus products - link
- donpapi: Dumping revelant information on compromised targets without AV detection - link
- shellerator: a simple command-line tool for generating shellcode - link
- Patch PE, ELF, Mach-O binaries with shellcode - link
- AV/EDR evasion via direct system calls - link
- Shikata ga nai encoder ported into go with several improvements - link
- C# Based Universal API Unhooker - link
- A tool for generating fake code signing certificates or signing real ones - link
- Defeating Windows User Account Control - link
- Golang library for malware development - link
- Open-Source Shellcode & PE Packer - link
- Reflective PE packer - link
- Identifies the bytes that Microsoft Defender flags on - link
- A simple python packer to easily bypass Windows Defender - link
- PowerShell Obfuscator - link
- EXOCET - AV-evading, undetectable, payload delivery tool - link
- A tool which bypasses AMSI - link
- Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10! - link
- Tampering Syscalls - link
- Thread Stack Spoofing / Call Stack Spoofing PoC - link
- Puszek: Yet another LKM rootkit for Linux. It hooks syscall table. - link
- speakeasy: Windows kernel and user mode emulation. - link
- Coldfire: Golang malware development library - link
- MalAPI.io - link
- Maldev Academy Code Search - link
- stealth-win: A Windows framework for creating projects that want to hide from EDR - link
- gocheck - golang implementation of Matterpreter's DefenderCheck - link
- LongWayHomie MalDev Repo - link