Search Hacking

The (Anti-)EDR Compendium

·blog.deeb.ch·Sep 29, 2024

Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation

Authors: Boudewijn Meijer && Rick Veldhoven Introduction As defensive security products improve, attackers must refine their craft. Gone are the days of executing malicious binaries from di…

#malware-evasion #code-virtualization #evasion

·blog.fox-it.com·Sep 27, 2024

Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation

Helixo32/CrimsonEDR: Simulate the behavior of AV/EDR for malware development training.

Simulate the behavior of AV/EDR for malware development training. - Helixo32/CrimsonEDR

#anti-edr #malware-evasion

·github.com·Apr 15, 2024

Helixo32/CrimsonEDR: Simulate the behavior of AV/EDR for malware development training.

Cracked5pider/Stardust: An modern 64-bit position independent implant template

An modern 64-bit position independent implant template

#malware-evasion #evasive-malware

·github.com·Jan 28, 2024

Cracked5pider/Stardust: An modern 64-bit position independent implant template

GitHub - optiv/Ivy: Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen...

#vba #macros #malware-evasion

·github.com·Jan 24, 2023

GitHub - optiv/Ivy: Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.