7BitsTeam / EDR-Bypass-demoLinks

Some demos to bypass EDRs or AVs by 78itsT3@m

☆355

Alternatives and similar repositories for EDR-Bypass-demo

Users that are interested in EDR-Bypass-demo are comparing it to the libraries listed below

Sorting:

seventeenman / CallBackDump
dump lsass进程工具
☆556Updated 2 years ago
huaigu4ng / SysWhispers3WinHttp
Syscall免杀
☆510Updated last year
yanghaoi / CobaltStrike_CNA
使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。
☆543Updated 3 years ago
testxxxzzz / geacon_pro
重构了Cobaltstrike Beacon，行为对国内主流杀软免杀，支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.
☆316Updated 2 years ago
0x727 / SchTask_0x727
创建隐藏计划任务，权限维持，Bypass AV
☆547Updated 3 years ago
xf555er / ShellcodeLoader
This is my FirstRepository
☆338Updated 2 years ago
burpheart / CVE-2022-39197-patch
CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch.
☆317Updated 2 years ago
Neo-Maoku / SearchAvailableExe
寻找可利用的白文件
☆527Updated last year
LDrakura / Remote_ShellcodeLoader
远程shellcode加载&权限维持+小功能
☆298Updated last year
crisprss / BypassUserAdd
通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化
☆338Updated 3 years ago
crisprss / Shellcode_Memory_Loader
基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)
☆253Updated 3 years ago
Ciyfly / microwaveo
将dll exe 等转成shellcode 最后输出exe 可定制加载器模板支持白文件的捆绑 shellcode 加密
☆365Updated 2 years ago
qi4L / Unhooker-go
EDR绕过demo
☆291Updated last year
Mephostophiles / PengCode
EXE转ShellCode工具
☆212Updated 2 years ago
Z3ratu1 / geacon_plus
CobaltStrike beacon written in golang
☆437Updated last year
lintstar / CS-AutoPostChain
基于 OPSEC 的 CobaltStrike 后渗透自动化链
☆437Updated last year
HZzz2 / go-shellcode-loader
GO免杀shellcode加载器混淆AES加密
☆254Updated 3 years ago
jiushill / csplugin
自己开的cs插件
☆243Updated 2 years ago
its-arun / CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
☆387Updated 2 years ago
Peithon / JustC2file
Burp插件，Malleable C2 Profiles生成器；可以通过Burp代理选中请求，生成Cobalt Strike的profile文件(CSprofile)
☆282Updated 3 years ago
SecNN / Bypass_AV
Bypass_AV msf免杀，ShellCode免杀加载器，免杀shellcode执行程序，360&火绒&Windows Defender
☆223Updated 3 years ago
Pizz33 / 360QVM_bypass
通过生成不同hash的ico并写入程序中，实现批量bypass360QVM
☆250Updated last year
xf555er / AntiAntiVirusNotes
学习免杀的笔记
☆284Updated last year
Getshell / C2
C2-下一代RAT
☆439Updated 11 months ago
pureqh / bypassAV
免杀shellcode加载器
☆459Updated 4 years ago
lzzbb / Adinfo
域信息收集工具
☆403Updated 2 years ago
wjlab / Darksteel
域内自动化信息搜集利用工具
☆425Updated last year
ffctf / BypassAv-py
免杀某60、火绒、pythonShellcode-loader
☆55Updated 2 years ago
aeverj / NimShellCodeLoader
免杀，bypassav，免杀框架，nim，shellcode，使用nim编写的shellcode加载器
☆664Updated 5 months ago
luckyfuture0177 / ReZeroBypassAV
从零开始学免杀
☆438Updated 3 years ago