tkmru / awesome-edr-bypass

Related projects ⓘ

Alternatives and complementary repositories for awesome-edr-bypass

• lem0nSec / ShellGhost
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,148Updated last year
• Xacone / BestEdrOfTheMarket
  Little user-mode AV/EDR evasion lab for training & learning purposes
  ☆994Updated 6 months ago
• nickvourd / Windows-Local-Privilege-Escalation-Cookbook
  Windows Local Privilege Escalation Cookbook
  ☆967Updated 7 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆952Updated 10 months ago
• 0xHossam / Killer
  Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.
  ☆753Updated 4 months ago
• ZeroMemoryEx / Terminator
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆923Updated last year
• VirtualAlllocEx / DEFCON-31-Syscalls-Workshop
  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
  ☆632Updated 9 months ago
• netero1010 / EDRSilencer
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,461Updated this week
• lsecqt / OffensiveCpp
  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
  ☆638Updated 2 months ago
• ZeroMemoryEx / Blackout
  kill anti-malware protected processes ( BYOVD) (Microsoft Won )
  ☆897Updated last year
• Idov31 / Sandman
  Sandman is a NTP based backdoor for red team engagements in hardened networks.
  ☆770Updated 7 months ago
• nickvourd / Supernova
  Real fucking shellcode encryptor & obfuscator tool
  ☆735Updated this week
• mgeeky / ProtectMyTooling
  Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…
  ☆868Updated last year
• wavestone-cdt / EDRSandblast
  ☆1,519Updated 2 months ago
• wietze / HijackLibs
  Project for tracking publicly disclosed DLL Hijacking opportunities.
  ☆662Updated 2 weeks ago
• RedTeamOperations / Advanced-Process-Injection-Workshop
  ☆727Updated last year
• p0dalirius / Coercer
  A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
  ☆1,790Updated 3 weeks ago
• BC-SECURITY / Beginners-Guide-to-Obfuscation
  ☆1,010Updated 5 months ago
• nop-tech / OSED
  Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
  ☆574Updated 2 months ago
• fr0gger / Awesome_Malware_Techniques
  This is a repository of resource about Malware techniques
  ☆636Updated last year
• assume-breach / Home-Grown-Red-Team
  ☆673Updated 7 months ago
• antonioCoco / JuicyPotatoNG
  Another Windows Local Privilege Escalation from Service Account to System
  ☆801Updated last year
• SaadAhla / FilelessPELoader
  Loading Remote AES Encrypted PE in memory , Decrypted it and run it
  ☆883Updated last year
• reveng007 / DarkWidow
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆554Updated 3 weeks ago
• matro7sh / BypassAV
  This map lists the essential techniques to bypass anti-virus and EDR
  ☆2,330Updated 10 months ago
• t3l3machus / PowerShell-Obfuscation-Bible
  A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compil…
  ☆854Updated 3 months ago
• klezVirus / inceptor
  Template-Driven AV/EDR Evasion Framework
  ☆1,587Updated last year
• fortra / nanodump
  The swiss army knife of LSASS dumping
  ☆1,786Updated last month
• Idov31 / Nidhogg
  Nidhogg is an all-in-one simple to use windows kernel rootkit.
  ☆1,776Updated last month