Defeat-Defender – Powerful Batch Script To Dismantle Complete Windows Defender Protection And Even Bypass Tamper Protection

Powerfull Batch File To Disable Windows Defender,Firewall,Smartscreen And Execute the payload Usage : Edit Defeat-Defender.bat on this line https://github.com/swagkarna/Defeat-Defender/blob/93823acffa270fa707970c0e0121190dbc3eae89/Defeat-Defender.bat#L72 and replace the direct url of your payload Run the script “run.vbs” . It will ask for Admin Permission.If permission Granted The script will work Silently without console windows… After it got admin permission it willRead More

Gotestwaf – Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls (WAF) for detection logic and bypasses. How it works It is a 3-steps requests generation process that multiply amount of payloads to encoders and placeholders. Let’s say you defined 2 payloads, 3 encoders (Base64, JSON, and URLencode) and 1 placeholder (HTTP GET variable). In thisRead More

ScareCrow – Payload Creation Framework Designed Around EDR Bypass

[*] If you want to learn more about the techniques utlized in this framework please take a look at Part 1 and Part 2 Description ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL loaderRead More

Chimera – A (Shiny And Very Hack-Ish) PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a (shiny and ver y hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1’s known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures. Chimera was created for this write-up and is further evidence of how trivial it is to bypassRead More

Byp4Xx – Simple Bash Script To Bypass "403 Forbidden" Messages With Well-Known Methods Discussed In #Bugbountytips

byp4xx.sh __ __ __ / /_ __ ______ / // / _ ___ __ / __ / / / / __ / // /_| |/_/ |/_/ / /_/ / /_/ / /_/ /__ __/> <_> < /_.___/__, / .___/ /_/ /_/|_/_/|_| /____/_/ A bash script to bypass “403 Forbidden” responses with well-known methods discussed inRead More

403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory

An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2$1/%2e/$2$1/$2/.$1//$2//$1/./$2/./$1/$2anything -H “X-Original-URL: /$2” $1/$2 -H “X-Custom-IP-Authorization: 127.0.0.1” $1 -H “X-Rewrite-URL: /$2″$1/$2 -H “Referer: /$2″$1/$2 -H “X-Originating-IP: 127.0.0.1″$1/$2 -H “X-Forwarded-For:Read More

WMIHACKER – A Bypass Anti-virus Software Lateral Movement Command Execution Tool

中文版(Chinese version) Disclaimer: The technology involved in this project is only for security learning and defense purposes, illegal use is prohibited! Bypass anti-virus software lateral movement command execution test tool(No need 445 Port)Introduction: The common WMIEXEC, PSEXEC tool execution command is to create a service or call Win32_Process.create, these methods have been intercepted by Anti-virusRead More

Chimera – PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1’s known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures.Chimera was created for this write-up and is further evidence of how trivial it is to bypass detection signatures.Read More

HTTP-revshell – Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware

HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV.Help server.py (unisession server)Server usage: usage: server.py [-h] [–ssl] [–autocomplete] hostRead More

Avcleaner – C/C++ Source Obfuscator For Antivirus Bypass

C/C++ source obfuscator for antivirus bypass.Build docker build . -t avcleanerdocker run -v ~/dev/scrt/avcleaner:/home/toto -it avcleaner bash #adapt ~/dev/scrt/avcleaner to the path where you cloned avcleanersudo pacman -Syumkdir CMakeBuild && cd CMakeBuildcmake ..make -j 2./avcleaner.bin –help UsageFor simple programs, this is as easy as: avcleaner.bin test/strings_simplest.c –strings=true — However, you should know that you’re usingRead More

X