EDR Lab for Experimentation Purposes
-
Updated
Mar 1, 2026 - C++
#
defense-evasion
Here are 18 public repositories matching this topic...
-
Updated
Apr 26, 2026 - C++
yep full list of virustotal machines, OG REPO
python list protection blacklist virus antivirus evasion bypass virustotal defense-evasion vt-blacklist anti-virustotal
-
Updated
Nov 8, 2025 - Python
A collection of Cobalt Strike Aggressor scripts.
-
Updated
Jan 3, 2022 - PowerShell
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
awesome osint reverse-engineering hacking deobfuscation cybersecurity awesome-list post-exploitation malware-analysis blueteam c2 social-engineering reconnaissance command-and-control reverse-enginnering redteam defense-evasion initial-access
-
Updated
Dec 20, 2024
Red Team Operation's Defense Evasion Technique.
cybersecurity redteaming redteam clanguage redteam-tools defense-evasion redteam-articles processhollowing
-
Updated
Jun 4, 2024 - C
ExecEvasion is a lightweight execution-evasion toolkit that generates command variants designed to bypass naive filters and WAF rules by leveraging real shell parsing behavior on Linux and Windows.
-
Updated
Jan 31, 2026 - HTML
A stealthy DLL injector for Windows 10/11, capable of injecting a specified DLL into a suspended process and evade detection
c dll-injection windows10 evasion dll-injector defense-evasion windows11 edr-evasion suspend-process
-
Updated
Apr 17, 2025 - C
PadZip Evader - Binary padding and ZIP compression tool for educational anti-analysis research. Inflates executables and creates highly compressed archives to demonstrate AV/EDR evasion techniques.
-
Updated
Oct 3, 2025 - Python
PoC implementation of the GhostWriting injection technique for x64 Windows
windows x86-64 injection poc pentesting windows-x64 redteam ghostwriting process-injection shellcode-injection shellcode-execute defense-evasion wpm-less-wpm popcalc
-
Updated
Feb 18, 2025 - C
Beacon Object File PoC implementation of KillDefender
beacon cobalt-strike av-evasion redteaming bof redteam aggressor-script cobaltstrike-cna cobaltstrike defense-evasion aggressorscript evade-av av-evade
-
Updated
Feb 9, 2022 - C
Go offensive-security research library — 15+ injection methods, AMSI/ETW/ntdll-unhook evasion, sleep mask (Ekko × XOR/RC4/AES), call-stack spoof, BYOVD (RTCore64) + kernel callback removal, LSASS dump + pure-Go MSV1_0 parser w/ PPL bypass, recon (sandbox/VM/debugger/dllhijack), PE ops (sRDI/BOF/CLR), Meterpreter C2, UAC bypass, CVE-2024-30088 LPE.
golang persistence pentest offensive-security malware-development red-team uac-bypass dll-hijacking mitre-attack process-injection windows-security amsi-bypass defense-evasion unhooking edr-bypass byovd c2-framework sleep-obfuscation etw-bypass lsass-dump
-
Updated
Apr 27, 2026 - Go
MITRE ATT&CK Submission - Changing Module names at runtime
malware malware-research process-manipulation security-research mitre-attack defense-evasion windows-process
-
Updated
May 27, 2024 - C++
Builder for analysis-aware Windows droppers
python cpp dropper malware-development anti-debugging anti-analysis anti-sandbox anti-vm security-research windows-malware defense-evasion detection-evasion
-
Updated
Jun 17, 2025 - Python
A Cobalt Strike shellcode loader that bypasses mainstream domestic antivirus software.
aes-encryption dotnet-framework privilege-escalation cobalt-strike memory-injection threat-intelligence process-hollowing exploit-development mitre-attack malleable-c2 cobaltstrike process-injection csharp-loader windows-malware shellcode-injection defense-evasion edr-evasion c2-framework beacon-loader stageless-beacon
-
Updated
Apr 26, 2026 - C#
Complete forensic analysis of a zero-detection infostealer hidden in a pirated Adobe Illustrator 2026 installer (Set-up.exe). Includes full IOCs, MITRE ATT&CK mapping, sandbox behavior, C2 infrastructure, and incident response guidance. Defensive security research only.
ioc dotnet incident-response reverse-engineering malware forensics dfir trojan cybersecurity threat-hunting malware-analysis malware-research yara virustotal threat-intelligence mitre-attack windows-malware defense-evasion infostealer sandbox-analysis
-
Updated
Apr 25, 2026
🛑 Prevent Antivirus and EDR from starting by redirecting core DLLs during Windows startup with EDRStartupHinder for enhanced system control.
template obfuscation typescript pinvoke startup free ui-components payload-generator av-evasion tailwind red-teaming process-injection amsi-bypass kernel-development pe-packer dinvoke defense-evasion edr-evasion
-
Updated
Apr 27, 2026 - C++
A collection of MAC addresses, HWIDs, IP addresses, and more sourced from VT.
list protection blacklist evasion virustotal defense-evasion vt-blacklist anti-virustotal virustotal-blacklist
-
Updated
Jun 7, 2024
Improve this page
Add a description, image, and links to the defense-evasion topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the defense-evasion topic, visit your repo's landing page and select "manage topics."