edr-evasion topics

Payload-Download-Cradles

249

Stars

53

Forks

Watchers

This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR in context of download cradle detections.

VirtualAlllocEx

antivirus-evasion

bypass-antivirus

bypass-edr

edr-evasion

Taskschedule-Persistence-Download-Cradles

87

Stars

22

Forks

Watchers

Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged

VirtualAlllocEx

antivirus-evasion

bypass-antivirus

bypass-edr

edr-evasion

FullDLLUnhooking_CSharp

50

Stars

10

Forks

Watchers

Unhook DLL via cleaning the DLL 's .text section

Kara-4search

apiunhook

bypass

bypass-

bypass-antivirus

Codecepticon

468

Stars

85

Forks

Watchers

.NET/PowerShell/VBA Offensive Security Obfuscator

Accenture

accenture-security

antivirus-evasion

csharp

edr-evasion

Unwinder

257

Stars

29

Forks

Watchers

Call stack spoofing for Rust

Kudaes

edr-evasion

hacking-tool

rust

hades

328

Stars

46

Forks

Watchers

Go shellcode loader that combines multiple evasion techniques

f1zm0

adversary-emulation

av-evasion

edr-evasion

evasion

acheron

290

Stars

33

Forks

Watchers

indirect syscalls for AV/EDR evasion in Go assembly

f1zm0

adversary-emulation

assembly

av-evasion

edr-bypass

PichichiH0ll0wer

46

Stars

9

Forks

Watchers

Nim process hollowing loader

itaymigdal

edr-bypass

edr-evasion

loader

payload-generator

EPI

306

Stars

34

Forks

Watchers

Threadless Process Injection through entry point hijacking

Kudaes

edr-evasion

hacking

redteam

rust