brosck/Awesome-AV-EDR-XDR-Bypass external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

brosck/Awesome-AV-EDR-XDR-Bypass

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/brosck/Awesome-AV-EDR-XDR-Bypass)

Close

brosck / Awesome-AV-EDR-XDR-BypassView on GitHubMore

• External links
• Readme badge

Awesome AV/EDR/XDR Bypass Tips

☆287Apr 23, 2023Updated 2 years ago

Alternatives and similar repositories for Awesome-AV-EDR-XDR-Bypass

Users that are interested in Awesome-AV-EDR-XDR-Bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• brosck / Condor

  View on GitHub
  「🛡️」AVs/EDRs Evasion tool
  ☆103Dec 7, 2024Updated last year
• ferreiraklet / wolfy

  View on GitHub
  Wolfy AV Bypasser
  ☆30Feb 8, 2023Updated 3 years ago
• tkmru / awesome-edr-bypass

  View on GitHub
  Awesome EDR Bypass Resources For Ethical Hacking
  ☆1,500Jan 26, 2026Updated 2 months ago
• Haunted-Banshee / ErebusGate

  View on GitHub
  ErebusGate for Nim Bypass AV/EDR
  ☆160Nov 7, 2022Updated 3 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆304Sep 28, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• fuluke / Kdmapper-Bypass360

  View on GitHub
  过360拦截加载无驱动签名
  ☆60Sep 22, 2021Updated 4 years ago
• brosck / Metafind

  View on GitHub
  「📖」Tool created to extract metadata from a domain
  ☆14Dec 7, 2024Updated last year
• MaorSabag / TrueSightKiller

  View on GitHub
  CPP AV/EDR Killer
  ☆480Nov 28, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆789Jan 26, 2026Updated 2 months ago
• trickster0 / TartarusGate

  View on GitHub
  TartarusGate, Bypassing EDRs
  ☆659Jan 25, 2022Updated 4 years ago
• brosck / L1LKiller

  View on GitHub
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆45Dec 7, 2024Updated last year
• NVISOsecurity / CobaltWhispers

  View on GitHub
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆242Jan 4, 2023Updated 3 years ago
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆115Nov 19, 2022Updated 3 years ago
• ZeroMemoryEx / Terminator

  View on GitHub
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,046Jun 20, 2023Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• matro7sh / BypassAV

  View on GitHub
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆3,179Mar 28, 2025Updated last year
• AmoloHT / CVE-2022-33891

  View on GitHub
  「💥」CVE-2022-33891 - Apache Spark Command Injection
  ☆25Aug 1, 2022Updated 3 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,311Dec 7, 2023Updated 2 years ago
• wikiZ / RedGuard

  View on GitHub
  RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
  ☆1,560Aug 20, 2024Updated last year
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆506Dec 19, 2023Updated 2 years ago
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆221Nov 5, 2021Updated 4 years ago
• helviojunior / hookchain

  View on GitHub
  HookChain: A new perspective for Bypassing EDR Solutions
  ☆593Jan 5, 2025Updated last year
• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago
• Cracked5pider / Stardust

  View on GitHub
  A modern 32/64-bit position independent implant template
  ☆1,310Mar 21, 2025Updated last year
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆374Apr 19, 2023Updated 2 years ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆427Feb 11, 2024Updated 2 years ago
• Maldev-Academy / HellHall

  View on GitHub
  Performing Indirect Clean Syscalls
  ☆607Apr 19, 2023Updated 2 years ago
• Wra7h / FlavorTown

  View on GitHub
  Various ways to execute shellcode
  ☆507Mar 13, 2024Updated 2 years ago
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,501Dec 21, 2023Updated 2 years ago
• zha0gongz1 / iscsicpl_bypassUAC

  View on GitHub
  UAC bypass for x64 Windows 7 - 11（无弹窗版）
  ☆281Sep 5, 2022Updated 3 years ago
• klezVirus / SysWhispers3

  View on GitHub
  SysWhispers on Steroids - AV/EDR evasion via direct system calls.
  ☆1,606Jul 31, 2024Updated last year
• Octoberfest7 / EventViewerUAC_BOF

  View on GitHub
  Beacon Object File implementation of Event Viewer deserialization UAC bypass
  ☆133May 6, 2022Updated 3 years ago
• redteamsocietegenerale / DLLirant

  View on GitHub
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆498Nov 29, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,197Oct 16, 2023Updated 2 years ago
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆352Sep 10, 2024Updated last year
• seventeenman / CallBackDump

  View on GitHub
  dump lsass进程工具
  ☆562Jul 20, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆673Dec 23, 2022Updated 3 years ago
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆511Aug 14, 2022Updated 3 years ago
• am0nsec / HellsGate

  View on GitHub
  Original C Implementation of the Hell's Gate VX Technique
  ☆1,174Jun 28, 2021Updated 4 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆619Sep 26, 2023Updated 2 years ago