EDR/AV Simulation for Malware Development
☆13Oct 21, 2023Updated 2 years ago
Alternatives and similar repositories for MaldevEDR
Users that are interested in MaldevEDR are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 9 months ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆46Jul 16, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆65Mar 19, 2024Updated 2 years ago
- direct systemcalls with a modern c++20 interface.☆45Jan 6, 2023Updated 3 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated 2 years ago
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- A BOF to create a scheduled task using a COM object.☆16Dec 3, 2024Updated last year
- Golang 写的免杀框架,通过系统调用等手法bypass AV/EDR☆23Jul 11, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- ☆12Nov 12, 2023Updated 2 years ago
- PlanqX EDR is an open-source, advanced Endpoint Detection and Response (EDR) solution for Windows, offering real-time system and network …☆24Jun 5, 2025Updated 9 months ago
- A SOCKS5-configured syscall hook that allows transparent TCP proxying on Windows for IPv4 and IPv6.☆27Jul 9, 2021Updated 4 years ago
- some AV / EDR / analysis studies☆10May 21, 2023Updated 2 years ago
- SuperH CPU emulator, made to understand how SH4 CPU works (and not for native emulation !)☆15Nov 4, 2023Updated 2 years ago
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55May 8, 2023Updated 2 years ago
- ☆13Jun 14, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- PAGE_GUARD based hooking library☆52Jul 25, 2022Updated 3 years ago
- All my POC related to malware development☆15Feb 19, 2026Updated last month
- AIDA64DRIVER Elevation of Privilege Vulnerability☆16Oct 25, 2024Updated last year
- An ambitious project to make an easy-to-use but powerful reverse-engineering tool.☆10Oct 13, 2022Updated 3 years ago
- Rex Shellcode Loader for AV/EDR evasion☆35Apr 7, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Hidedump:a lsassdump tools that may bypass EDR☆51May 23, 2024Updated last year
- Direct syscalls Injection to bypass AV/EDR☆11May 18, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- vehsyscall:a syscall project that may bypass EDR☆62Mar 1, 2024Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Bypass EDR(Endpoint Detection and Response) environment to write Behinder jsp webshell onto webserver☆13Dec 27, 2023Updated 2 years ago
- ☆12May 30, 2019Updated 6 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆15Jan 10, 2024Updated 2 years ago
- ☆42Feb 18, 2025Updated last year
- BloodyAv is Custom Shell Code loader to Bypass Av and Edr.☆14Mar 21, 2022Updated 4 years ago