EDR & Antivirus Bypass to Gain Shell Access
☆247Sep 30, 2024Updated last year
Alternatives and similar repositories for EDR-Antivirus-Bypass-to-Gain-Shell-Access
Users that are interested in EDR-Antivirus-Bypass-to-Gain-Shell-Access are comparing it to the libraries listed below
Sorting:
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆384Apr 26, 2025Updated 10 months ago
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions☆592Jan 5, 2025Updated last year
- Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operation…☆192Sep 8, 2024Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆290May 27, 2024Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181May 19, 2025Updated 9 months ago
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆98Oct 4, 2024Updated last year
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆507Aug 14, 2025Updated 6 months ago
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- ☆319Jul 6, 2022Updated 3 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆436May 22, 2025Updated 9 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- This repository contains scripts about ACL abuse and any other active directory attacking methods.☆36Aug 20, 2023Updated 2 years ago
- Simulate the behavior of AV/EDR for malware development training.☆564Feb 15, 2024Updated 2 years ago
- Advanced Telegram x Discord C2, great for data Exfitration and Network evasion 🔷☆85Feb 22, 2025Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆459Aug 2, 2024Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- A Tool that aims to evade av with binary padding☆161Jun 28, 2024Updated last year
- فایل ها و فیلم های ورکشاپ ردتیم 2024 با هانت لرن☆32Sep 15, 2024Updated last year
- Dump cookies and credentials directly from Chrome/Edge process memory☆1,410Jan 19, 2026Updated last month
- ☆43Sep 28, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Repo for all my exploits/PoCs☆52May 6, 2025Updated 10 months ago
- Nameless C2 - A C2 with all its components written in Rust☆283Sep 26, 2024Updated last year
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆155Jun 10, 2024Updated last year
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆75Jan 6, 2026Updated 2 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆541Feb 13, 2024Updated 2 years ago
- Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations…☆810Sep 3, 2024Updated last year
- Kooky cURL-powered replacement for reverse shell via /dev/tcp☆79Updated this week
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 10 months ago
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- A complete security assessment tool that supports common web security issues scanning and custom POC | Be sure to read the document befor…☆20Sep 27, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths��☆360Aug 11, 2024Updated last year