#

bypass-edr

Here are 14 public repositories matching this topic...

0xsp-SRD / mortar

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

evasion bypass-antivirus redteam-tools bypass-edr

Updated Dec 21, 2023
Pascal

helviojunior / hookchain

HookChain: A new perspective for Bypassing EDR Solutions

bypass-edr hookchain evading-edr m4v3r1ck

Updated Aug 28, 2024
C

HackerCalico / No_X_BOF

Loading BOF & ShellCode without executable permission memory.

rat shellcode bypass-av bypass-antivirus red-team antivirus-evasion bof bypass-edr

Updated Oct 23, 2024
C++

VirtualAlllocEx / Payload-Download-Cradles

This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR in context of download cradle detections.

payload bypass-antivirus antivirus-evasion bypass-edr edr-evasion

Updated Jul 7, 2022
PowerShell

TunnelGRE / Percino

Evasive Golang Loader

bypass-antivirus shellcode-loader process-hollowing bypass-edr

Updated Jul 27, 2024
Go

HackerCalico / SkyShadow

Generate DLL Hijacking Payload in batches.

rat bypass-av bypass-antivirus red-team antivirus-evasion dll-hijacking bypass-edr

Updated Aug 15, 2024
Python

VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles

Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged

payload bypass-antivirus antivirus-evasion bypass-edr edr-evasion

Updated Jul 7, 2022
HTML

Kara-4search / NewNtdllBypassInlineHook_CSharp

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

csharp pentesting shellcode pentest bypass bypass-antivirus shellcode-loader redteam filemapping bypass-edr

Updated Sep 6, 2021
C#

SideloadFinder

roadwy / SideloadFinder

frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR's.

bypass-antivirus dll-hijacking redteam edr-bypass bypass-edr dll-sideloading

Updated Apr 18, 2023
Python

xiosec / Terminator

PowerShell script to terminate protected processes such as anti-malware and EDRs.

in-memory bypass bypass-antivirus blueteam redteaming redteam win32-api redteam-tools hvci bypass-edr hvci-bypass gmer

Updated Jun 9, 2023
PowerShell

0xflux / Rust-Hells-Gate

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

rust malware rust-lang pentesting malware-research pentest offensive-security bypass-antivirus antivirus-evasion pentest-tool redteaming redteam redteam-tools edr-bypass bypass-edr edr-evasion antivirus-bypass hellsgate hells-gate

Updated Jun 4, 2024
Rust

ikermit / 11Syscalls

Windows 11 Syscall table. Ready to use in direct syscall. Actively maintained.

syscalls hooking syscall-table ntdll edr windows-11 bypass-edr

Updated Dec 4, 2021

Kara-4search / HellgateLoader_CSharp

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

csharp shellcode syscalls pentest bypass bypass-antivirus shellcode-loader redteam bypass-edr hellgate bypass-linehook

Updated Jan 21, 2022
C#

HackerCalico / SigLocator

Efficient RAT signature locator for bypassing AV/EDR, supporting static scanning and memory scanning.

signature rat shellcode bypass-av bypass-antivirus red-team antivirus-evasion bypass-edr

Updated Oct 23, 2024
Python

Improve this page

Add a description, image, and links to the bypass-edr topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the bypass-edr topic, visit your repo's landing page and select "manage topics."