Bypassing major EDRs with staged shellcode, custom GetModuleHandleW and GetProcAddress, VEH syscalls & more.
☆30 · Apr 21, 2025 · Updated 11 months ago
Alternatives and similar repositories for EDR-XDR-AV-Bypass-Shellcode-Loader
Users that are interested in EDR-XDR-AV-Bypass-Shellcode-Loader are comparing it to the libraries listed below.
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified … ☆19 · May 8, 2025 · Updated 11 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… ☆26 · Apr 21, 2025 · Updated 11 months ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,… ☆15 · Apr 21, 2025 · Updated 11 months ago
- Misery Loader to bypass modern EDR solutions ☆18 · Dec 20, 2024 · Updated last year
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do… ☆12 · Apr 21, 2025 · Updated 11 months ago
- Ransomware written in Go, encrypt - decrypt. ☆30 · Apr 27, 2025 · Updated 11 months ago
- Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel. ☆46 · Apr 27, 2025 · Updated 11 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission… ☆18 · Oct 31, 2024 · Updated last year
- Yet another shellcode loader - but a sneaky one ☆26 · Apr 16, 2025 · Updated 11 months ago
- ☆21 · Jan 8, 2026 · Updated 3 months ago
- Multiple tactics to execute shellcode in Go :} ☆25 · Apr 21, 2025 · Updated 11 months ago
- Create scheduled tasks via RPC ☆31 · May 18, 2025 · Updated 10 months ago
- ☆30 · Oct 19, 2024 · Updated last year
- Powerful Rat/Botnet written in C/C++ and Rust, works on Windows, Linux and Mac OS, Android and IoT devices. Central / P2P Architecture. (Proje… ☆11 · Jul 26, 2024 · Updated last year
- extract chromium-based browser's cookies using chrome's remote debugging without admin rights ☆22 · Nov 3, 2024 · Updated last year
- A runtime for developing large-scale and complex shellcode. ☆22 · Mar 31, 2026 · Updated last week
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne… ☆28 · May 13, 2025 · Updated 10 months ago
- Hook system calls on Windows by using Kaspersky's hypervisor ☆17 · Dec 25, 2024 · Updated last year
- Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages. ☆61 · Apr 27, 2025 · Updated 11 months ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads ☆30 · Oct 2, 2025 · Updated 6 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby ☆11 · Apr 21, 2025 · Updated 11 months ago
- golang decryption poc of the new app bound encryption introduced in chrome version 127. ☆22 · Nov 4, 2024 · Updated last year
- A fucking real shellcode loader with a GUI. Work-in-Progress. ☆82 · Jun 25, 2025 · Updated 9 months ago
- AV-evasion framework written in Golang that bypasses AV/EDR through system calls and other techniques ☆23 · Jul 11, 2024 · Updated last year
- One-click generation of AV-evading trojans ☆27 · Feb 12, 2025 · Updated last year
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes. ☆15 · Apr 21, 2025 · Updated 11 months ago
- A malicious Golang Package ☆15 · Apr 21, 2025 · Updated 11 months ago
- Kill Malwarebytes process. Can be ported to any programming language. ☆12 · Apr 21, 2025 · Updated 11 months ago
- kASLR bypass technique on Intel CPUs. ☆32 · May 18, 2025 · Updated 10 months ago
- A lightweight remote access trojan in Rust ☆31 · Jun 28, 2024 · Updated last year
- the first BlankOBFv2 deobfuscator made in python ☆10 · Jun 19, 2024 · Updated last year
- A Documentation for my module PS2BAT, it converts PowerShell Scripts to Batchfile ones. ☆11 · Apr 21, 2025 · Updated 11 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique. ☆54 · May 12, 2025 · Updated 10 months ago
- Examples of how to use Assm (Assembly) in Go. ☆24 · Apr 21, 2025 · Updated 11 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆51 · May 22, 2025 · Updated 10 months ago
- A unique introduction to native runtime obfuscation. ☆76 · Mar 2, 2025 · Updated last year
- Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold. ☆22 · Apr 21, 2025 · Updated 11 months ago
- Windows User-Mode Shellcode Development Framework (WUMSDF) ☆130 · Nov 17, 2025 · Updated 4 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver ☆292 · Apr 21, 2025 · Updated 11 months ago