Awesome EDR Bypass : A Comprehensive Guide For Ethical Hackers
EDR bypass technology is not just for attackers. Many malware now have EDR bypass capabilities, knowledge that pentesters and incident responders should also be aware of.
This repository is not intended to be used to escalate attacks. Use it for ethical hacking.
A technique called HellsGate, which specifies a system call number through a value in memory, combined with a technique to call a system call by specifying an address in NTDLL where the syscall instruction is implemented, without calling the syscall instruction.
TheD1rkMtr/UnhookingPatch: Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
op7ic/EDR-Testing-Script: Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
georgesotiriadis/Chimera: Automated DLL Sideloading Tool With EDR Evasion Capabilities
netero1010/EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.