Pinned Repositories
DllToShellCode
Fast Conversion Windows Dynamic Link Library To ShellCode
EchoDrv
Exploitation of echo_driver.sys
EntropyReducer
Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists
EtwTi-Syscall-Hook
A simple program to hook the current process to identify manual syscall executions on Windows
EvasionDetect
Memory evasion and detection mechanisms
hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
Mangle
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
noWatch
Implant drop-in for EDR testing
ObfLoader
MAC, IPv4, UUID shellcode loaders and obfuscators that obfuscate the shellcode and use some native APIs to convert it to its binary format and load it.
ShellCodeFramework
Shellcode antivirus-evasion framework that bypasses ring 3
EvasionEDR's Repositories
EvasionEDR/ShellCodeFramework
Shellcode antivirus-evasion framework that bypasses ring 3
EvasionEDR/syscall-detect
PoC capable of detecting manual syscalls from usermode.
EvasionEDR/LogServiceCrash
POC code to crash Windows Event Logger Service