Alternatives and similar repositories for RealBlindingEDR

Users that are interested in RealBlindingEDR are comparing it to the libraries listed below

• qwqdanchun / Pillager

  View on GitHub
  Pillager是一个适用于后渗透期间的信息收集工具
  ☆1,266Sep 7, 2024Updated last year
• Neo-Maoku / SearchAvailableExe

  View on GitHub
  寻找可利用的白文件
  ☆556Aug 18, 2025Updated 5 months ago
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆460Sep 24, 2023Updated 2 years ago
• netero1010 / EDRSilencer

  View on GitHub
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,813Nov 3, 2024Updated last year
• MaorSabag / TrueSightKiller

  View on GitHub
  CPP AV/EDR Killer
  ☆473Nov 28, 2023Updated 2 years ago
• WKL-Sec / HiddenDesktop

  View on GitHub
  HVNC for Cobalt Strike
  ☆1,297Dec 7, 2023Updated 2 years ago
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆309Aug 6, 2023Updated 2 years ago
• lintstar / CS-AutoPostChain

  View on GitHub
  基于 OPSEC 的 CobaltStrike 后渗透自动化链
  ☆450Mar 11, 2024Updated last year
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆539Feb 13, 2024Updated 2 years ago
• yj94 / BinarySpy

  View on GitHub
  一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
  ☆557May 30, 2025Updated 8 months ago
• INotGreen / XiebroC2

  View on GitHub
  渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理
  ☆1,383Feb 28, 2025Updated 11 months ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆678Oct 23, 2024Updated last year
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆432Dec 21, 2023Updated 2 years ago
• huaigu4ng / SysWhispers3WinHttp

  View on GitHub
  Syscall免杀
  ☆511Jun 21, 2024Updated last year
• Dec0ne / HWSyscalls

  View on GitHub
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆718Jul 19, 2023Updated 2 years ago
• tdragon6 / Supershell

  View on GitHub
  Supershell C2 远控平台，基于反向SSH隧道获取完全交互式Shell
  ☆1,771Sep 26, 2023Updated 2 years ago
• ZeroMemoryEx / Terminator

  View on GitHub
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆1,040Jun 20, 2023Updated 2 years ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,464Apr 25, 2024Updated last year
• P001water / yuze

  View on GitHub
  A socksv5 proxy tool Written by CLang. 一款纯C实现的轻量内网穿透工具，支持正向，反向socks5代理隧道的搭建，支持跨平台使用。
  ☆467Mar 2, 2025Updated 11 months ago
• 1y0n / AVKiller

  View on GitHub
  一种通过进程注入实现强制关闭部分杀软进程的方法（以360安全卫士和360杀毒为例）
  ☆138Dec 26, 2023Updated 2 years ago
• Ridter / atexec-pro

  View on GitHub
  Fileless atexec, no more need for port 445
  ☆404Mar 28, 2024Updated last year
• XiaoliChan / wmiexec-Pro

  View on GitHub
  New generation of wmiexec.py
  ☆1,255Jan 5, 2026Updated last month
• aahmad097 / AlternativeShellcodeExec

  View on GitHub
  Alternative Shellcode Execution Via Callbacks
  ☆1,696Nov 11, 2022Updated 3 years ago
• wavestone-cdt / EDRSandblast

  View on GitHub
  ☆1,781Aug 30, 2024Updated last year
• mai1zhi2 / SharpBeacon

  View on GitHub
  CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
  ☆731Sep 1, 2021Updated 4 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,004Jun 4, 2024Updated last year
• INotGreen / SharpThief

  View on GitHub
  一键提取exe的图标、嵌入图标、资源信息、版本信息、修改时间、数字签名，降低程序熵值
  ☆432Dec 17, 2024Updated last year
• fdx-xdf / darkPulse

  View on GitHub
  darkPulse是一个用go编写的shellcode Packer，用于生成各种各样的shellcode loader，免杀火绒，360核晶等国内常见杀软。
  ☆879Oct 18, 2024Updated last year
• StarfireLab / SharpWeb

  View on GitHub
  一个浏览器数据（密码|历史记录|Cookie|书签|下载记录）的导出工具，支持主流浏览器。
  ☆788Nov 15, 2024Updated last year
• netero1010 / GhostTask

  View on GitHub
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆609Jan 2, 2025Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,150Aug 21, 2025Updated 5 months ago
• zema1 / suo5

  View on GitHub
  高性能 HTTP 正向代理工具 | A high-performance http tunneling tool
  ☆2,666Feb 2, 2026Updated 2 weeks ago
• SafeBreach-Labs / PoolParty

  View on GitHub
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,243Dec 11, 2023Updated 2 years ago
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆548Feb 1, 2024Updated 2 years ago
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆603Feb 21, 2024Updated last year
• wikiZ / RedGuard

  View on GitHub
  RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
  ☆1,562Aug 20, 2024Updated last year
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• wangfly-me / LoaderFly

  View on GitHub
  助力每一位RT队员，快速生成免杀木马
  ☆828Apr 17, 2024Updated last year
• Z3ratu1 / geacon_plus

  View on GitHub
  CobaltStrike beacon written in golang
  ☆457Oct 13, 2023Updated 2 years ago