Topic: "bypass-edr"
0xsp-SRD/mortar
Evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Language: Pascal - Size: 2.75 MB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 1,447 - Forks: 236

helviojunior/hookchain
HookChain: A new perspective for Bypassing EDR Solutions
Language: C - Size: 27.9 MB - Last synced at: 14 days ago - Pushed at: 5 months ago - Stars: 536 - Forks: 90

HackerCalico/Magic_C2
Red Team C2 Framework with AV/EDR bypass capabilities.
Language: Python - Size: 10.6 MB - Last synced at: 13 days ago - Pushed at: about 2 months ago - Stars: 407 - Forks: 65

VirtualAlllocEx/Payload-Download-Cradles
These are different types of download cradles, which should be an inspiration to play with and create new download cradles to bypass AV/EPP/EDR in the context of download cradle detections.
Language: PowerShell - Size: 47.9 KB - Last synced at: 11 days ago - Pushed at: almost 3 years ago - Stars: 257 - Forks: 51

HackerCalico/RAT_Obfuscator
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
Language: C++ - Size: 539 KB - Last synced at: 11 days ago - Pushed at: 6 months ago - Stars: 153 - Forks: 13

TunnelGRE/Percino
Evasive Golang Loader
Language: Go - Size: 960 KB - Last synced at: 9 months ago - Pushed at: 10 months ago - Stars: 131 - Forks: 24

HackerCalico/SkyShadow
Generate DLL Hijacking Payload in batches.
Language: Python - Size: 1.62 MB - Last synced at: 2 months ago - Pushed at: 10 months ago - Stars: 128 - Forks: 17

VirtualAlllocEx/Taskschedule-Persistence-Download-Cradles
Depending on the AV/EPP/EDR, creating a Taskschedule Job with a default cradle is often flagged.
Language: HTML - Size: 56.6 KB - Last synced at: 11 days ago - Pushed at: almost 3 years ago - Stars: 86 - Forks: 22

Kara-4search/NewNtdllBypassInlineHook_CSharp
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
Language: C# - Size: 44.9 KB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 60 - Forks: 10

0xflux/Rust-Hells-Gate
Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
Language: Rust - Size: 70.3 KB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 40 - Forks: 4

roadwy/SideloadFinder
Frida-based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDRs.
Language: Python - Size: 331 KB - Last synced at: over 1 year ago - Pushed at: about 2 years ago - Stars: 39 - Forks: 4

xiosec/Terminator
PowerShell script to terminate protected processes such as anti-malware and EDRs.
Language: PowerShell - Size: 176 KB - Last synced at: about 2 months ago - Pushed at: almost 2 years ago - Stars: 26 - Forks: 6

Kara-4search/HellgateLoader_CSharp
Load shellcode via HELLGATE. Rewrite of hellgate with the .NET Framework for learning purposes.
Language: C# - Size: 176 KB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 16 - Forks: 1

HackerCalico/ArpScan
ARP Scanner, a lightweight host-alive detection tool for OPSEC.
Language: C++ - Size: 6.84 KB - Last synced at: 24 days ago - Pushed at: 7 months ago - Stars: 4 - Forks: 1

ntminh2002/LocalShell
Just a shell and ... run local 😓
Language: C# - Size: 21.5 KB - Last synced at: 2 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

titan1development/Titan-Crypter-XDR-EPP-UPP-
TITAN Crypter – Unbreakable Encryption, Undetectable Security. Shield your data with the strength of a titan and the stealth of a shadow.
Size: 0 Bytes - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

Oni-kuki/RC-Obfuscator
Just an obfuscation technique in a resource file in 2 possible formats
Language: C++ - Size: 123 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0
