EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
☆74Nov 17, 2025Updated 6 months ago
Alternatives and similar repositories for Bypass-Protection0x00
Users that are interested in Bypass-Protection0x00 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- ☆17May 30, 2025Updated last year
- A 64 bit executable junk code engine for polymorphic malware.☆77Jun 16, 2025Updated 11 months ago
- ☆25Apr 30, 2012Updated 14 years ago
- PandaCrypter is a C#-based tool designed to convert PowerShell scripts into obfuscated batch files (.bat) with encryption and additional …☆51Aug 16, 2025Updated 9 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Core C++ library for C2 architecture, message handling, and security tooling experiments.☆25May 13, 2026Updated last month
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- ☆23Jun 4, 2026Updated last week
- Hidden Features Full Hidden Access Hidden Desktop Hidden Browsers Hidden Cmd Clone Profile Hidden PowerShell Hidden Explorer Hidde…☆19Sep 30, 2022Updated 3 years ago
- LSTAR - CobaltStrike Translated to EN☆22Jun 15, 2023Updated 2 years ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆30Jun 9, 2025Updated last year
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆102Jan 2, 2026Updated 5 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆15Feb 13, 2024Updated 2 years ago
- The Windows driver and device management program for NDAS devices such as the NetDISK.☆16Jun 17, 2016Updated 9 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- This repository contains tips, tricks, and examples of aggressor script functions. The intent is to share bite size examples that can be …☆18Aug 12, 2025Updated 10 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆21Dec 3, 2024Updated last year
- Obfuscate Python code, stage payloads, and evade defenses☆25Apr 19, 2026Updated last month
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆46Sep 25, 2024Updated last year
- Detect BypassUAC using AMSI☆29Feb 18, 2025Updated last year
- Create Anti-Copy DRM Malware☆73Aug 19, 2024Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52May 8, 2024Updated 2 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Deterministic iOS 7-9 64-bit Kernel Exploit☆37Feb 28, 2026Updated 3 months ago
- ☆14Mar 28, 2024Updated 2 years ago
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll☆41Mar 11, 2026Updated 3 months ago
- T-1 is a shellcode loader that leverages ML techniques to detect VM environments☆37Oct 30, 2024Updated last year
- List the ETW provider(s) in the registration table of a process.☆81Sep 20, 2023Updated 2 years ago
- Loading unmanaged dll (32 and 64bits) in managed exe☆10Dec 12, 2020Updated 5 years ago
- NTAPI hook bypass with (semi) legit stack trace☆18May 9, 2023Updated 3 years ago
- Decrypt Matrix42 Empirum /EIS Passwords☆14Mar 31, 2021Updated 5 years ago
- A cmake template for crystal palace☆42Dec 20, 2025Updated 5 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆12Sep 1, 2022Updated 3 years ago
- Remote administration toolkit for windows, based on Hidden VNC: file manager, keystroke logger, powershell☆41Nov 23, 2025Updated 6 months ago
- GPT fdisk partitioning tool for use under UEFI environments.☆16Nov 27, 2024Updated last year
- A Simple PoC☆22May 24, 2024Updated 2 years ago
- Windows process injection methods☆21Jul 18, 2021Updated 4 years ago
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- ☆19Apr 18, 2023Updated 3 years ago