brosck / Awesome-AV-EDR-XDR-BypassLinks
Awesome AV/EDR/XDR Bypass Tips
☆272Updated 2 years ago
Alternatives and similar repositories for Awesome-AV-EDR-XDR-Bypass
Users that are interested in Awesome-AV-EDR-XDR-Bypass are comparing it to the libraries listed below
Sorting:
- Amsi Bypass payload that works on Windwos 11☆377Updated last year
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆413Updated 11 months ago
- Terminate AV/EDR Processes using kernel driver☆344Updated last year
- Kill AV/EDR leveraging BYOVD attack☆359Updated last year
- AV bypass while you sip your Chai!☆222Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆409Updated 10 months ago
- Credential Guard Bypass Via Patching Wdigest Memory☆329Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆395Updated last year
- ☆164Updated last year
- Attempt at Obfuscated version of SharpCollection☆216Updated last week
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆607Updated 2 weeks ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆444Updated 2 weeks ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆558Updated 5 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆417Updated 7 months ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆234Updated last year
- shellcode loader for your evasion needs☆327Updated last month
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆519Updated last month
- UAC Bypass By Abusing Kerberos Tickets☆496Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆254Updated 9 months ago
- Materials for the workshop "Red Team Ops: Havoc 101"☆378Updated 8 months ago
- Creating a repository with all public Beacon Object Files (BoFs)☆502Updated last year
- Evasive Golang Loader☆131Updated 10 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆416Updated 10 months ago
- Use hardware breakpoint to dynamically change SSN in run-time☆260Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆292Updated last year
- Go shellcode loader that combines multiple evasion techniques☆370Updated last year
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk☆454Updated 11 months ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆140Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆314Updated last year
- COM Hijacking VOODOO☆298Updated 2 months ago