brosck / Awesome-AV-EDR-XDR-BypassLinks
Awesome AV/EDR/XDR Bypass Tips
☆281Updated 2 years ago
Alternatives and similar repositories for Awesome-AV-EDR-XDR-Bypass
Users that are interested in Awesome-AV-EDR-XDR-Bypass are comparing it to the libraries listed below
Sorting:
- Terminate AV/EDR Processes using kernel driver☆348Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆431Updated last year
- Escalate Service Account To LocalSystem via Kerberos☆398Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques☆381Updated 2 years ago
- AV bypass while you sip your Chai!☆224Updated last year
- Extract and execute a PE embedded within a PNG file using an LNK file.☆445Updated 10 months ago
- Amsi Bypass payload that works on Windwos 11☆376Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆236Updated 2 years ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆141Updated 2 years ago
- Kill AV/EDR leveraging BYOVD attack☆373Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆498Updated 2 years ago
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆527Updated 4 months ago
- micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.☆197Updated last year
- ☆166Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆258Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101"☆386Updated 11 months ago
- Shellcode launcher for AV bypass☆217Updated last year
- shellcode loader for your evasion needs☆341Updated 4 months ago
- Execute shellcode files with rundll32☆208Updated last year
- yet another AV killer tool using BYOVD☆297Updated last year
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆483Updated 4 months ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆231Updated 11 months ago
- A shellcode injection tool showcasing various process injection techniques☆136Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆578Updated 8 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆607Updated last year
- ☆220Updated last year
- transform your payload into ipv4/ipv6/mac arrays☆195Updated 3 years ago
- A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods.☆207Updated 2 years ago
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆440Updated last year
- Modules used by the Havoc Framework☆250Updated last year