EvasionEDR

Pinned Repositories

DllToShellCode
Fast Conversion Windows Dynamic Link Library To ShellCode
Language:C00
EchoDrv
Exploitation of echo_driver.sys
Language:C#20
EntropyReducer
Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists
Language:C00
EtwTi-Syscall-Hook
A simple program to hook the current process to identify the manual syscall executions on windows
Language:C00
EvasionDetect
memory evasion and detect mechanisms
70
hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
Language:C00
Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
Language:Go00
noWatch
Implant drop-in for EDR testing
Language:C10
ObfLoader
MAC, IPv4, UUID shellcode Loaders and Obfuscators to obfuscate the shellcode and using some native API to converts it to it binary format and loads it.
Language:C++335
ShellCodeFramework
绕3环的shellcode免杀框架
Language:C00

EvasionEDR's Repositories

EvasionEDR/ShellCodeFramework
绕3环的shellcode免杀框架
EvasionEDR/syscall-detect
PoC capable of detecting manual syscalls from usermode.
EvasionEDR/LogServiceCrash
POC code to crash Windows Event Logger Service