MrEmpy / Awesome-AV-EDR-XDR-Bypass
Awesome AV/EDR/XDR Bypass Tips
☆244Updated last year
Related projects: ⓘ
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆365Updated 3 months ago
- Shellcode launcher for AV bypass☆215Updated 8 months ago
- Terminate AV/EDR Processes using kernel driver☆306Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101"☆325Updated last year
- Escalate Service Account To LocalSystem via Kerberos☆387Updated last year
- Amsi Bypass payload that works on Windwos 11☆367Updated last year
- Attempt at Obfuscated version of SharpCollection☆188Updated this week
- Kill AV/EDR leveraging BYOVD attack☆301Updated last year
- AV bypass while you sip your Chai!☆205Updated 4 months ago
- SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection s…☆217Updated 4 months ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆355Updated 6 months ago
- ☆163Updated 10 months ago
- 🍊 Orange Tsai EventViewer RCE☆166Updated 2 years ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆233Updated 4 months ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆459Updated 10 months ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆220Updated last year
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆222Updated 11 months ago
- Evasive Golang Loader☆129Updated last month
- A shellcode injection tool showcasing various process injection techniques☆133Updated 9 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆214Updated last month
- Fileless atexec, no more need for port 445☆321Updated 5 months ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆128Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆510Updated 2 months ago
- ☆222Updated this week
- UAC Bypass By Abusing Kerberos Tickets☆470Updated last year
- ☆309Updated this week
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.☆147Updated last month
- Credential Guard Bypass Via Patching Wdigest Memory☆304Updated last year
- ☆196Updated this week
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆169Updated 2 years ago