Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...
☆1,320Jun 21, 2024Updated 2 years ago
Alternatives and similar repositories for RealBlindingEDR
Users that are interested in RealBlindingEDR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 寻找可利用的白文件☆561Aug 18, 2025Updated 10 months ago
- Pillager是一个适用于后渗透期间的信息收集工具☆1,287Sep 7, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆469Sep 24, 2023Updated 2 years ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,888Nov 3, 2024Updated last year
- AV/EDR killer leveraging vulnerable kernel drivers☆489Nov 28, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆452Mar 11, 2024Updated 2 years ago
- 添加计划任务方法集合☆315Aug 6, 2023Updated 2 years ago
- A tool for automatic patch shellcode into binary file to bypass AV. / 一个自动patch shellcode到二进制文件的工具☆576Apr 8, 2026Updated 3 months ago
- HVNC for Cobalt Strike☆1,334Dec 7, 2023Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆552Feb 13, 2024Updated 2 years ago
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆139Dec 26, 2023Updated 2 years ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆734Jul 19, 2023Updated 2 years ago
- Syscall免杀☆508Jun 21, 2024Updated 2 years ago
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆1,476Apr 25, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Supershell C2 远控平台,基于反向SSH隧道获取完全交互式Shell☆1,805Apr 3, 2026Updated 3 months ago
- 渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理☆1,389Feb 28, 2025Updated last year
- 使用Visral Studio开发ShellCode☆246Oct 11, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆702Oct 23, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆452Dec 21, 2023Updated 2 years ago
- 一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.☆2,217Aug 21, 2025Updated 10 months ago
- Confluence CVE 2021,2022,2023 利用工具,支持命令执行,哥斯拉,冰蝎 内存马注入☆561Feb 1, 2024Updated 2 years ago
- 一个浏览器数据(密码|历史记录|Cookie|书签|下载记录)的导出工具,支持主流浏览器。☆796Nov 15, 2024Updated last year
- ☆1,825Aug 30, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,免杀火绒,360核晶等国内常见杀软。☆879Oct 18, 2024Updated last year
- 一键提取exe的图标、嵌入图标、资源信息、版本信息、修改时间、数字签名,降低程序熵值☆435Dec 17, 2024Updated last year
- A socksv5 proxy tool Written by CLang. 一款纯C实现的轻量内网穿透工具,支持正向,反向socks5代理隧道的搭建,支持跨平台使用。☆471Mar 2, 2025Updated last year
- 助力每一位RT队员,快速生成免杀木马☆840Apr 17, 2024Updated 2 years ago
- CobaltStrike beacon written in golang☆459Oct 13, 2023Updated 2 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆1,061Jun 20, 2023Updated 3 years ago
- 高性能 HTTP 正向代理工具 | A high-performance http tunneling tool☆2,749Feb 2, 2026Updated 5 months ago
- Fileless atexec, no more need for port 445☆413Mar 28, 2024Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks☆1,729Nov 11, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆627Jan 2, 2025Updated last year
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,565Aug 20, 2024Updated last year
- New generation of wmiexec.py☆1,289Apr 26, 2026Updated 2 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools☆1,279Dec 11, 2023Updated 2 years ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,646Jul 31, 2024Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,416Nov 22, 2023Updated 2 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆727Sep 1, 2021Updated 4 years ago