Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Updated Jan 1, 2023 - C++
Template-Driven AV/EDR Evasion Framework
Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
Resources About Anti-Virus and Anti-Anti-Virus, including 200+ tools and 1300+ posts
AV evading OSX Backdoor and Crypter Framework
Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
A persistent FUD backdoor reverse shell coded in C for any Windows distro that will make itself persistent on every boot and fire a decoy app in the foreground while connecting back to the attacker machine as a silent background process, spawning a PowerShell on the attacker machine.
A custom-coded FUD DLL, coded in C, that, when loaded via a decoy web-delivery module (firing a decoy program), will give a reverse shell (PowerShell) from the victim machine to the attacker console, over LAN and WAN.
The only free and 100% FUD crypter that is still FUD and works on Windows. Powerful obfuscator to bypass anti-virus detection.
Old 32 bit PE executable protector / crypter
Closes handles of a remote process in an attempt to crash it
NTAPI hook bypass with (semi) legit stack trace
Sandbox/Heuristic PowerShell Bypass
IRC likely reverse shell
AV-Bypass using Encryption and Dynamic API Call in CPP
This repository contains xor shellcode encryptor that is used to bypass static or signature based detection of malicious shellcodes for Process Injection exploits
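The entry above describes the generic technique, not a specific implementation; the following is an added example (not code from that repository) showing why repeating-key XOR defeats a byte-pattern signature and what it does not defeat. The payload bytes, the six-byte "signature", and the key are all constructed for the demo; `contains_pattern` stands in for a static scanner's byte-sequence match and is not any vendor's engine.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Repeating-key XOR. Encoding and decoding are the same operation, which is
 * exactly why a loader only needs the key and this loop to recover the bytes. */
void xor_buffer(uint8_t *buf, size_t len, const uint8_t *key, size_t keylen)
{
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key[i % keylen];
}

/* Naive contiguous byte-pattern matcher standing in for a static signature.
 * Returns 1 if pat occurs anywhere in buf, 0 otherwise. (Constructed stand-in,
 * not a real AV engine.) */
int contains_pattern(const uint8_t *buf, size_t len,
                     const uint8_t *pat, size_t patlen)
{
    if (patlen == 0 || patlen > len)
        return 0;
    for (size_t i = 0; i + patlen <= len; i++)
        if (memcmp(buf + i, pat, patlen) == 0)
            return 1;
    return 0;
}

/* Constructed sample bytes: register-zeroing, a syscall, two NOPs, an int3 and
 * a self-jump. Harmless on its own; it is only here so that a recognisable
 * sequence exists for the "signature" below to match. */
static const uint8_t sample_payload[] = {
    0x48, 0x31, 0xc0, 0x48, 0x31, 0xff, 0x48, 0x31,
    0xd2, 0x0f, 0x05, 0x90, 0x90, 0xcc, 0xeb, 0xfe
};

/* The first six bytes of the payload, treated as the scanner's signature. */
static const uint8_t sample_signature[] = {
    0x48, 0x31, 0xc0, 0x48, 0x31, 0xff
};

/* Four-byte key with no zero byte, so every payload byte is changed. */
static const uint8_t sample_key[] = { 0x5a, 0xa3, 0x17, 0xc8 };

/* Round trip: returns 1 if the plaintext matches the signature, the encoded
 * buffer does not, and decoding restores the original bytes; 0 otherwise. */
int demo_xor_roundtrip(void)
{
    uint8_t work[sizeof sample_payload];
    memcpy(work, sample_payload, sizeof work);

    /* Plaintext is caught by the static pattern. */
    if (!contains_pattern(work, sizeof work,
                          sample_signature, sizeof sample_signature))
        return 0;

    /* After encoding the same pattern no longer occurs anywhere. */
    xor_buffer(work, sizeof work, sample_key, sizeof sample_key);
    if (contains_pattern(work, sizeof work,
                         sample_signature, sizeof sample_signature))
        return 0;

    /* Decoding (the loader side) restores the original bytes in memory, which
     * is where a memory scanner or behavioural hook would see them again. */
    xor_buffer(work, sizeof work, sample_key, sizeof sample_key);
    return memcmp(work, sample_payload, sizeof work) == 0;
}

int main(void)
{
    printf("xor round trip hides signature and restores payload: %s\n",
           demo_xor_roundtrip() ? "yes" : "no");
    return 0;
}
```

The caveat a defender should keep in mind: a repeating-key XOR only removes the on-disk byte pattern. The decode loop and the key ship with the loader and become a signature of their own, the plaintext reappears in memory before it is executed, and a repeating key is recoverable from the ciphertext alone if any part of the plaintext is guessable, so detection that looks at memory, behaviour or the decoder stub is unaffected.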
Collection of Generic Metasploit Encoder to avoid AV RegEx Pattern Matching