2 dépôts
Techniques that modify system debug registers to prevent security services from monitoring specific memory regions.
Distinct from Memory Access Breakpoints: Distinct from debugger breakpoints as it specifically targets the disabling of security monitoring services via hardware registers.
Explore 2 awesome GitHub repositories matching security & cryptography · Hardware Breakpoint Patching. Refine with filters or upvote what's useful.
Havoc is a post-exploitation framework used for red team operations. It provides a centralized command and control system for managing remote agents through persistent network connections and customizable communication profiles. The framework focuses on security evasion and stealth, utilizing indirect syscall execution, return address spoofing, and hardware-breakpoint patching to bypass endpoint detection and response tools. It includes a payload generation workflow to create executable shellcode or DLLs for initial remote access. The system covers a broad range of operational capabilities,
Implements hardware-breakpoint patching to disable endpoint detection by modifying system debug registers.
OffensiveNim is a red teaming framework and post-exploitation toolkit developed in Nim. It provides a collection of low-level primitives and a Windows API wrapper designed for offensive security operations, including malware development and shellcode loading. The project focuses on evasion and obfuscation through techniques such as API unhooking, direct system calls, and anti-debugging mechanisms. It features diverse payload delivery methods, including reflective binary loading, the execution of .NET assemblies via CLR hosting, and various shellcode injection techniques using fibers, COM obje
Intercepts function execution by configuring CPU debug registers to redirect control flow.