bypass-edr topic

List bypass-edr repositories

linWinPwn

1.7k
Stars
256
Forks
18
Watchers

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

verified publisher icon lefayjey

mortar

1.4k
Stars
221
Forks
Watchers

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

verified publisher icon 0xsp-SRD

Payload-Download-Cradles

249
Stars
53
Forks
Watchers

This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR in context of download cradle detections.

verified publisher icon VirtualAlllocEx

HellgateLoader_CSharp

15
Stars
1
Forks
Watchers

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

verified publisher icon Kara-4search

Taskschedule-Persistence-Download-Cradles

87
Stars
22
Forks
Watchers

Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged

verified publisher icon VirtualAlllocEx

NewNtdllBypassInlineHook_CSharp

58
Stars
10
Forks
Watchers

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

verified publisher icon Kara-4search

SideloadFinder

45
Stars
5
Forks
Watchers

frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR'...

verified publisher icon roadwy

Terminator

26
Stars
6
Forks
Watchers

PowerShell script to terminate protected processes such as anti-malware and EDRs.

verified publisher icon xiosec

Augustus

129
Stars
26
Forks
Watchers

Evasive Golang Loader

verified publisher icon TunnelGRE

11Syscalls

15
Stars
0
Forks
Watchers

Windows 11 Syscall table. Ready to use in direct syscall. Actively maintained.

verified publisher icon ikermit