7BitsTeam / EDR-Bypass-demoView external linksLinks
Some demos to bypass EDRs or AVs by 78itsT3@m
☆360Jul 6, 2022Updated 3 years ago
Alternatives and similar repositories for EDR-Bypass-demo
Users that are interested in EDR-Bypass-demo are comparing it to the libraries listed below
Sorting:
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆556Jan 18, 2022Updated 4 years ago
- 基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)☆253Dec 16, 2021Updated 4 years ago
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- 免杀,bypassav,免杀框架,nim,shellcode,使用nim编写的shellcode加载器☆676Updated this week
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,464Apr 25, 2024Updated last year
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆343Apr 10, 2022Updated 3 years ago
- 域控安全one for all☆736Sep 9, 2024Updated last year
- OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。☆676Dec 30, 2022Updated 3 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- 研究利用golang各种姿势bypassAV☆815Apr 11, 2022Updated 3 years ago
- EDR绕过demo☆294Jan 14, 2024Updated 2 years ago
- geacon:简单适配了一个profile配置文件,可直接拿来修改使用,用于cs上线linux.☆161Aug 3, 2022Updated 3 years ago
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆1,487Apr 10, 2023Updated 2 years ago
- 远程shellcode加载&权限维持+小功能☆301May 7, 2024Updated last year
- 整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。☆1,161Aug 23, 2022Updated 3 years ago
- 将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密☆367Sep 8, 2022Updated 3 years ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆731Sep 1, 2021Updated 4 years ago
- 从零开始学免杀☆438Mar 30, 2022Updated 3 years ago
- UAC bypass for x64 Windows 7 - 11(无弹窗版)☆281Sep 5, 2022Updated 3 years ago
- 基于Java实现的Shellcode加载器☆414Sep 4, 2023Updated 2 years ago
- Erfrp-frp二开-免杀与隐藏☆633Dec 4, 2022Updated 3 years ago
- 创建隐藏计划任务,权限维持,Bypass AV☆556Sep 1, 2021Updated 4 years ago
- Windows对抗沙箱和虚拟机的方法总结☆402Apr 22, 2020Updated 5 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,289Jun 21, 2024Updated last year
- 内存加载shellcode绕过waf☆208Jul 25, 2022Updated 3 years ago
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- 拿来即用的Tomcat7/8/9/10版本Listener/Filter/Servlet内存马,支持注入CMD内存马和冰蝎内存马☆511Aug 31, 2022Updated 3 years ago
- LSTAR - CobaltStrike 综合后渗透插件☆1,262Jan 30, 2022Updated 4 years ago
- 远程创建任务计划工具☆190Apr 23, 2022Updated 3 years ago
- 冰蝎Java WebShell自动化免杀生成☆784Mar 15, 2022Updated 3 years ago
- ☆155Jun 18, 2024Updated last year
- Syscall免杀☆511Jun 21, 2024Updated last year
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,562Aug 20, 2024Updated last year
- One-click injection into the SSHD process to record and send the password for ssh login☆426Mar 12, 2024Updated last year
- 恶意代码逃逸源代码 http://payloads.online☆757Mar 7, 2022Updated 3 years ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,199Jul 25, 2023Updated 2 years ago
- 各种数据库的利用姿势☆1,034Jan 3, 2025Updated last year