Some demos to bypass EDRs or AVs by 78itsT3@m
☆360Jul 6, 2022Updated 3 years ago
Alternatives and similar repositories for EDR-Bypass-demo
Users that are interested in EDR-Bypass-demo are comparing it to the libraries listed below
Sorting:
- 使用多种WinAPI进行权限维持的CobaltStrike脚本,包含API设置系统服务,设置计划任务,管理用户等。☆554Jan 18, 2022Updated 4 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆344Apr 10, 2022Updated 3 years ago
- dump lsass进程工具☆561Jul 20, 2023Updated 2 years ago
- 基于Golang实现的Shellcode内存加载器,共实现3中内存加载shellcode方式,UUID加载,MAC加载和IPv4加载,目前能过主流杀软(包括Windows Defender)☆253Dec 16, 2021Updated 4 years ago
- 域控安全one for all☆736Sep 9, 2024Updated last year
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,468Apr 25, 2024Updated last year
- 免杀,bypassav,免杀框架,nim,shellcode,使用nim编写的shellcode加载器☆690Feb 11, 2026Updated last month
- 研究利用golang各种姿势bypassAV☆816Apr 11, 2022Updated 3 years ago
- geacon:简单适配了一个profile配置文件,可直接拿来修改使用,用于cs上线linux.☆161Aug 3, 2022Updated 3 years ago
- EDR绕过demo☆294Jan 14, 2024Updated 2 years ago
- OrcaC2是一款基于Websocket加密通信的多功能C&C框架,使用Golang实现。☆677Dec 30, 2022Updated 3 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- 整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。☆1,168Aug 23, 2022Updated 3 years ago
- 远程shellcode加载&权限维持+小功能☆301May 7, 2024Updated last year
- 从零开始学免杀☆439Mar 30, 2022Updated 3 years ago
- UAC bypass for x64 Windows 7 - 11(无弹窗版)☆281Sep 5, 2022Updated 3 years ago
- 内存加载shellcode绕过waf☆209Jul 25, 2022Updated 3 years ago
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆1,492Apr 10, 2023Updated 2 years ago
- 获取服务器或域控登录日志☆276Sep 8, 2023Updated 2 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆730Sep 1, 2021Updated 4 years ago
- 将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密☆368Sep 8, 2022Updated 3 years ago
- Erfrp-frp二开-免杀与隐藏☆632Dec 4, 2022Updated 3 years ago
- Windows对抗沙箱和虚拟机的方法总结☆401Apr 22, 2020Updated 5 years ago
- 添加计划任务方法集合☆310Aug 6, 2023Updated 2 years ago
- 恶意代码逃逸源代码 http://payloads.online☆758Mar 7, 2022Updated 4 years ago
- 基于Java实现的Shellcode加载器☆414Sep 4, 2023Updated 2 years ago
- 创建隐藏计划任务,权限维持,Bypass AV☆559Sep 1, 2021Updated 4 years ago
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,295Jun 21, 2024Updated last year
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago
- ☆155Jun 18, 2024Updated last year
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,562Aug 20, 2024Updated last year
- 各种数据库的利用姿势☆1,033Jan 3, 2025Updated last year
- One-click injection into the SSHD process to record and send the password for ssh login☆427Mar 12, 2024Updated 2 years ago
- 拿来即用的Tomcat7/8/9/10�版本Listener/Filter/Servlet内存马,支持注入CMD内存马和冰蝎内存马☆511Aug 31, 2022Updated 3 years ago
- 远程创建任务计划工具☆190Apr 23, 2022Updated 3 years ago
- LSTAR - CobaltStrike 综合后渗透插件☆1,262Jan 30, 2022Updated 4 years ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,203Jul 25, 2023Updated 2 years ago
- 冰蝎Java WebShell自动化免杀生成☆783Mar 15, 2022Updated 4 years ago
- SharpSQLTools 和@Rcoil一起写的小工具,可上传下载文件,xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。☆964Aug 5, 2021Updated 4 years ago