myzxcg / RealBlindingEDRLinks
Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...
☆1,084Updated last year
Alternatives and similar repositories for RealBlindingEDR
Users that are interested in RealBlindingEDR are comparing it to the libraries listed below
Sorting:
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆508Updated 3 weeks ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆718Updated 3 years ago
- 免杀,bypassav,免杀框架,nim,shellcode,使用nim编写的shellcode加载器☆661Updated 4 months ago
- Use ICMLuaUtil to Bypass UAC!☆561Updated 5 years ago
- darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,免杀火绒,360核晶等国内常见杀软。☆848Updated 8 months ago
- 牛屎花 一款基于WEB界面的远程主机管理工具☆835Updated 2 years ago
- New generation of wmiexec.py☆1,096Updated 3 weeks ago
- Windows Elevation(持续更新)☆656Updated 3 years ago
- Open repository for learning dynamic shellcode loading (sample in many programming languages)☆250Updated 5 months ago
- Alternative Shellcode Execution Via Callbacks☆1,578Updated 2 years ago
- C2-下一代RAT☆412Updated 10 months ago
- POCs for Shellcode Injection via Callbacks☆407Updated 4 years ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,449Updated 10 months ago
- CPP AV/EDR Killer☆422Updated last year
- not a reverse-engineered version of the Cobalt Strike Beacon☆369Updated last year
- CobaltStrike beacon written in golang☆429Updated last year
- Windows 权限提升 BadPotato☆850Updated 5 years ago
- Some demos to bypass EDRs or AVs by 78itsT3@m☆354Updated 2 years ago
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,486Updated 10 months ago
- 绕3环的shellcode免杀 框架☆572Updated 4 years ago
- 免杀技术大杂烩---乱拳也打不死老师傅☆1,083Updated 4 years ago
- windows-rs shellcode loaders☆357Updated 11 months ago
- 助力每一位RT队员,快速生成免杀木马☆778Updated last year
- PrintNotifyPotato☆524Updated 2 years ago
- ☆1,175Updated this week
- shellcode免杀加载器,使用go实现,免杀bypass火绒、360、核晶、def等主流杀软☆866Updated 2 months ago
- Syscall免杀☆508Updated last year
- 一个浏览器数据(密码|历史记录|Cookie|书签|下载记录)的导出工具,支持主流浏览器。☆726Updated 7 months ago
- Modifying SweetPotato to support load shellcode and webshell☆754Updated 4 years ago
- HVNC for Cobalt Strike☆1,231Updated last year