The provided Python program, Nim-Backdoor.py, generates a Nim program that operates as a backdoor, allowing remote command execution via a netcat-like session. This tool is designed to work on both Linux and Windows systems. Notably, it has been engineered to bypass popular antivirus software such as Microsoft Defender, Bitdefender, and Kaspersky.

BlackHeart is a simple python script to generate powershell scripts that demonstrate reverse shell gaining without Microsoft Defender restrictions. (FOR EDUCATIONAL PURPOSES!!)

This script dynamically decodes and executes a Base64 encoded Mimikatz script, allowing users to bypass security measures and run specified Mimikatz commands.

Origami Crypter with an updated version of the stub that bypasses windows defender.

Simple obfuscated PowerShell revshell generator to bypass AMSI / Windows Defender

C# Anti-virus Bypass Tool

A simple Ransomware written in python, which also bypasses Microsoft Defender

A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.

forked & better verison of defender-control by pgkt04 with more features.

In this section, we present several stagers that, as of December 2024, can be used on Windows to download simple backdoors (for example, those obtained from https://www.revshells.com/) without triggering Windows Defender.

Latest and the most advanced RAT rootkit you can get for WIndows in 2023

A USB HID-based script for red teaming that disables Windows Defender, bypasses UAC, downloads a reverse shell payload (e.g., nc64.exe), and connects back to an attacker's listener. Designed for Digispark or Arduino Leonardo devices. Intended strictly for authorized security testing and educational use only.

Python Based Crypter That Can Bypass Any Kinds Of Antivirus Products

Defender PowerShell script

A curated collection of open-source utilities and scripts for Windows Active Directory assessments and Red/Blue Team operations

About EverSpy | Purchase from official seller

Hidden malware uses techniques like UAC bypass and antivirus bypass to avoid detection. Crypters and shellcode loaders help deploy FUD payloads, while memory exclusion ensures smooth execution without interference.

RAT tools and malware builders generate trojan clients with hidden startup and encryption. Features like assembly changers and mutex improve stealth, while downloader modules ensure additional payloads are fetched securely.

Trojan builders focus on creating hidden malware with downloader and encryption capabilities. Assembly changers and mutex features ensure uniqueness, while RAT clients provide remote access to infected systems.