brosck/Awesome-AV-EDR-XDR-Bypass external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

brosck/Awesome-AV-EDR-XDR-Bypass

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/brosck/Awesome-AV-EDR-XDR-Bypass)

Close

brosck / Awesome-AV-EDR-XDR-BypassView on GitHubMore

• External links
• Readme badge

Awesome AV/EDR/XDR Bypass Tips

☆286Apr 23, 2023Updated 3 years ago

Alternatives and similar repositories for Awesome-AV-EDR-XDR-Bypass

Users that are interested in Awesome-AV-EDR-XDR-Bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• brosck / Condor

  View on GitHub
  「🛡️」AVs/EDRs Evasion tool
  ☆104Dec 7, 2024Updated last year
• ferreiraklet / wolfy

  View on GitHub
  Wolfy AV Bypasser
  ☆31Feb 8, 2023Updated 3 years ago
• tkmru / awesome-edr-bypass

  View on GitHub
  Awesome EDR Bypass Resources For Ethical Hacking
  ☆1,528Jan 26, 2026Updated 4 months ago
• Haunted-Banshee / ErebusGate

  View on GitHub
  ErebusGate for Nim Bypass AV/EDR
  ☆159Nov 7, 2022Updated 3 years ago
• NUL0x4C / KnownDllUnhook

  View on GitHub
  Replace the .txt section of the current loaded modules from \KnownDlls\
  ☆306Sep 28, 2022Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• fuluke / Kdmapper-Bypass360

  View on GitHub
  过360拦截加载无驱动签名
  ☆58Sep 22, 2021Updated 4 years ago
• brosck / Metafind

  View on GitHub
  「📖」Tool created to extract metadata from a domain
  ☆14Dec 7, 2024Updated last year
• MaorSabag / TrueSightKiller

  View on GitHub
  CPP AV/EDR Killer
  ☆483Nov 28, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆802Jan 26, 2026Updated 4 months ago
• trickster0 / TartarusGate

  View on GitHub
  TartarusGate, Bypassing EDRs
  ☆661Jan 25, 2022Updated 4 years ago
• brosck / L1LKiller

  View on GitHub
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆46Dec 7, 2024Updated last year
• NVISOsecurity / CobaltWhispers

  View on GitHub
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…
  ☆241Jan 4, 2023Updated 3 years ago
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆115Nov 19, 2022Updated 3 years ago
• matro7sh / BypassAV

  View on GitHub
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆3,277Mar 28, 2025Updated last year
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• ZeroMemoryEx / Terminator

  View on GitHub
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,057Jun 20, 2023Updated 2 years ago
• AmoloHT / CVE-2022-33891

  View on GitHub
  「💥」CVE-2022-33891 - Apache Spark Command Injection
  ☆25Aug 1, 2022Updated 3 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,331Dec 7, 2023Updated 2 years ago
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆506Dec 19, 2023Updated 2 years ago
• wikiZ / RedGuard

  View on GitHub
  RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
  ☆1,565Aug 20, 2024Updated last year
• FalconForceTeam / BOF2shellcode

  View on GitHub
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆220Nov 5, 2021Updated 4 years ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆436Feb 11, 2024Updated 2 years ago
• helviojunior / hookchain

  View on GitHub
  HookChain: A new perspective for Bypassing EDR Solutions
  ☆604Jan 5, 2025Updated last year
• Cracked5pider / Stardust

  View on GitHub
  A modern 32/64-bit position independent implant template
  ☆1,340Mar 21, 2025Updated last year
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆381Apr 19, 2023Updated 3 years ago
• Maldev-Academy / HellHall

  View on GitHub
  Performing Indirect Clean Syscalls
  ☆610May 2, 2026Updated last month
• Wra7h / FlavorTown

  View on GitHub
  Various ways to execute shellcode
  ☆512Mar 13, 2024Updated 2 years ago
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,504Dec 21, 2023Updated 2 years ago
• zha0gongz1 / iscsicpl_bypassUAC

  View on GitHub
  UAC bypass for x64 Windows 7 - 11（无弹窗版）
  ☆279Sep 5, 2022Updated 3 years ago
• klezVirus / SysWhispers3

  View on GitHub
  SysWhispers on Steroids - AV/EDR evasion via direct system calls.
  ☆1,641Jul 31, 2024Updated last year
• Octoberfest7 / EventViewerUAC_BOF

  View on GitHub
  Beacon Object File implementation of Event Viewer deserialization UAC bypass
  ☆132May 6, 2022Updated 4 years ago
• redteamsocietegenerale / DLLirant

  View on GitHub
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆501Nov 29, 2022Updated 3 years ago
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,198Oct 16, 2023Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆353Sep 10, 2024Updated last year
• seventeenman / CallBackDump

  View on GitHub
  dump lsass进程工具
  ☆559Jul 20, 2023Updated 2 years ago
• deepinstinct / Dirty-Vanity

  View on GitHub
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆673Dec 23, 2022Updated 3 years ago
• am0nsec / HellsGate

  View on GitHub
  Original C Implementation of the Hell's Gate VX Technique
  ☆1,190Jun 28, 2021Updated 4 years ago
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆624Sep 26, 2023Updated 2 years ago
• rad9800 / TamperingSyscalls

  View on GitHub
  ☆513Aug 14, 2022Updated 3 years ago
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,118Sep 17, 2024Updated last year