murat-exp / EDR-Antivirus-Bypass-to-Gain-Shell-AccessView external linksLinks
EDR & Antivirus Bypass to Gain Shell Access
☆246Sep 30, 2024Updated last year
Alternatives and similar repositories for EDR-Antivirus-Bypass-to-Gain-Shell-Access
Users that are interested in EDR-Antivirus-Bypass-to-Gain-Shell-Access are comparing it to the libraries listed below
Sorting:
- Analyse MSI files for vulnerabilities☆143Aug 30, 2024Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆381Apr 26, 2025Updated 9 months ago
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions☆589Jan 5, 2025Updated last year
- Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operation…☆191Sep 8, 2024Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆288May 27, 2024Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181May 19, 2025Updated 8 months ago
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆98Oct 4, 2024Updated last year
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆508Aug 14, 2025Updated 6 months ago
- Evasive shellcode loader☆398Oct 17, 2024Updated last year
- ☆319Jul 6, 2022Updated 3 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆231Feb 12, 2025Updated last year
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆434May 22, 2025Updated 8 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆84Oct 18, 2024Updated last year
- This repository contains scripts about ACL abuse and any other active directory attacking methods.☆36Aug 20, 2023Updated 2 years ago
- Simulate the behavior of AV/EDR for malware development training.☆561Feb 15, 2024Updated 2 years ago
- Advanced Telegram x Discord C2, great for data Exfitration and Network evasion 🔷☆85Feb 22, 2025Updated 11 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆457Aug 2, 2024Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- A Tool that aims to evade av with binary padding☆160Jun 28, 2024Updated last year
- ☆42Sep 28, 2024Updated last year
- فایل ها و فیلم های ورکشاپ ردتیم 2024 با هانت لرن☆32Sep 15, 2024Updated last year
- Dump cookies and credentials directly from Chrome/Edge process memory☆1,401Jan 19, 2026Updated 3 weeks ago
- Repo for all my exploits/PoCs☆52May 6, 2025Updated 9 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆208Dec 25, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- Nameless C2 - A C2 with all its components written in Rust☆282Sep 26, 2024Updated last year
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆154Jun 10, 2024Updated last year
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated last month
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆194Nov 27, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations…☆809Sep 3, 2024Updated last year
- Kooky cURL-powered replacement for reverse shell via /dev/tcp☆77Jan 24, 2026Updated 3 weeks ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆536May 9, 2025Updated 9 months ago
- A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document befor…☆20Sep 27, 2024Updated last year
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆408Jan 11, 2026Updated last month
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆359Aug 11, 2024Updated last year