Undetectable reverse shell that can bypass Windows Defender and other AVs by resolving functions at runtime and string encoding/hashing.
Updated Jun 6, 2024 - C
Closes handles of a remote process in an attempt to crash it
ADR is a trojan that retrieves all information on the computer and all data stored in applications using Chromium. It recovers cookies, tokens, passwords and saved bank cards. This malware is undetectable by Windows Defender, Chrome, Virustotal (4/71).
A PERSISTENT FUD Backdoor ReverseShell coded in C for any Windows distro, that will make itself persistent on every BOOT and fire a decoy app in the foreground while connecting back to the attacker machine as a silent background process, spawning a POWERSHELL on the attacker machine.
This project is a shellcode loader; it describes in detail how we bypass antivirus software and how the tool is used.
PoC designed to evade userland-hooking anti-virus.
Huorong Internet Security (火绒安全软件) vulnerabilities
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFunction033 NtApi and No new thread via Fiber
Skrull is a malware DRM that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when submitted.
Helps every red team (RT) member quickly generate AV-evading trojans.
A protective and Low Level Shellcode Loader that defeats modern EDR systems.