Rostelecom-Red-Team / GoodbyeEDR

Related projects ⓘ

Alternatives and complementary repositories for GoodbyeEDR

• wilszdev / SchtasksUacBypass
  bypass UAC even when configured to always notify user
  ☆29Updated 3 years ago
• knightswd / ProcessGhosting
  ☆72Updated 3 years ago
• NoOne-hub / bypass-BeaconEye
  bypass BeaconEye
  ☆88Updated 3 years ago
• scareing / UAC_wenpon
  UAC_wenpon
  ☆48Updated 2 years ago
• timwhitez / ReturnGate
  ReturnGate, just like HellsGate.
  ☆65Updated 2 years ago
• HadesW / power-kill
  power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes
  ☆46Updated 3 years ago
• timwhitez / killProcessPOC
  use aswArPot.sys to kill process
  ☆64Updated 2 years ago
• w1u0u1 / kt
  Kernel file/process/object tool
  ☆64Updated 3 years ago
• Jeffry38 / HiddenVNC
  A simple hidden vnc.
  ☆32Updated 3 years ago
• timwhitez / Spoofing-Gate
  (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll
  ☆41Updated 2 years ago
• dust-life / run_pe
  ☆46Updated 3 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp
  ShellCodeLoader via DInvoke
  ☆49Updated 3 years ago
• crisprss / goHashDumper
  用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现
  ☆25Updated 2 years ago
• Octoberfest7 / KillDefender_BOF
  Beacon Object File implementation of pwn1sher's KillDefender
  ☆62Updated 2 years ago
• hoo1ng / ImitateCobaltStrikeShellcode
  Imitate CobaltStrike's Shellcode Generation
  ☆3Updated 2 years ago
• aazhuliang / CVE-2021-31956-EXP
  ☆40Updated 2 years ago
• evilashz / CVE-2021-1675-LPE-EXP
  PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527
  ☆58Updated 3 years ago
• y11en / BabyBypass
  看起来叫BabyBypass，实际啥都会记一些
  ☆16Updated last year
• ShadowMccc / MemoryEvasion
  A Cobalt Strike memory evasion loader for redteamers
  ☆95Updated last year
• Rvn0xsy / AsmShellcodeLoader
  汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/
  ☆77Updated 2 years ago
• idiotc4t / ObfuscationStrings-new
  ☆30Updated 4 years ago
• GamehunterKaan / Plog
  A Mimikatz For Only Extracting Login Passwords.(Bypasses Most AV's)
  ☆59Updated 2 years ago
• ScriptIdiot / sw2-secinject
  Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF
  ☆41Updated 2 years ago
• WBGlIl / ReflectiveDLL_Patch
  ☆36Updated 4 years ago
• crisprss / Extracted_WD_VDM
  Windows Defender VDM lua collections
  ☆45Updated 2 years ago
• XiaoliChan / LDAPShell
  A wrapper of ldap_shell.py module which in ntlmrelayx
  ☆60Updated 2 years ago
• evilashz / Visual-Studio-BOF-template
  more conveniently Visual-Studio-BOF-template
  ☆53Updated last year
• sailay1996 / windows-stuff
  my learning case about windows
  ☆21Updated 2 years ago
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆59Updated last year
• evilashz / ProxyAPICall
  Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI
  ☆32Updated last year