There are 95 repositories under the bypass-antivirus topic.
The LAZY script will make your life easier, and of course faster.
Research articles on webshells that bypass detection by professional tools, and AV-evading webshells
A handbook for learning webshell AV evasion from scratch
Powerful batch script to dismantle complete Windows Defender protection and even bypass tamper protection. Disable Windows Defender permanently. Hack Windows. POC
Red Team Cheatsheet in constant expansion.
A Python script for generating payloads that bypass all antivirus so far.
Keylogger is a 100% invisible keylogger, not only for users, but also undetectable by antivirus software. Blackcat keylogger monitors all keystrokes and mouse clicks. It has a separate process which continuously captures system screenshots and sends them to an FTP server at a given time.
Helping every red team (RT) member quickly generate AV-evading trojans
Python AV Evasion Tools
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
Cobalt Strike script for ScareCrow payloads integration (EDR/AV evasion)
Skrull is a malware DRM that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when submitted.
Code example to bypass AV/EDR
Sign-Sacker (Signature Plunderer): a digital-signature copier that can copy the digital signature, icon, and detailed information from other official exe files into an unsigned exe, as a small trick for AV evasion, persistence, and disguise.
These are different types of download cradles, which should be an inspiration to play with and create new download cradles to bypass AV/EPP/EDR in the context of download cradle detections.
Research on Anti-malware and other related security solutions
This POC gives you the possibility to compile a .exe to completely avoid static detection by AV/EPP/EDR of your C2 shellcode, and to download and execute your C2 shellcode, which is hosted on your (C2) webserver.
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
A better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs.
windows-rs shellcode loaders
nim, AV evasion, red team, shellcode, bypass, apt, bypass-av.
Inject your x64 executable into any process, masking it as a legitimate process for anti-virus evasion.