Open-Source Shellcode & PE Packer
-
Updated
Feb 3, 2024 - C
#
antivirus-evasion
Here are 15 public repositories matching this topic...
AV Evasion Tool For Red Team Ops
-
Updated
Dec 8, 2021 - C
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
workshop shellcode syscalls malware-analysis malware-development shellcode-loader antivirus-evasion windows-internals edr-bypass edr-evasion antivirus-bypass malware-development-guide direct-syscalls indirect-syscalls
-
Updated
May 23, 2025 - C
PoC designed to evade userland-hooking anti-virus.
windows proof-of-concept userland malware poc malware-research bypass-av bypassantivirus hooking bypass-antivirus antivirus-evasion antivirus-testing hacky-hack-hack
-
Updated
May 15, 2019 - C
Cross platform (Linux / Windows) shellcode packer for CTFs and pentest / red team exams aiming for AV evasion !
packer shellcode shellcode-loader antivirus-evasion loader-generator antivirus-bypass shellcode-runner evasion-techniques
-
Updated
Jun 19, 2025 - C
Research on malware creation and protection
-
Updated
Jan 2, 2021 - C
A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (POWERSHELL) FROM THE VICTIM MACHINE TO THE ATTACKER CONSOLE , OVER LAN AND WAN.
reverse-shell trojan fud antivirus-evasion av-evasion malware-sample evade trojan-rat av-bypass backdoors-created trojan-malware backdoor-attacks antiviral-resistance custom-reverseshell c-reverseshell
-
Updated
Jun 4, 2019 - C
BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
-
Updated
Feb 8, 2024 - C
EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
reverse-engineering loader cybersecurity kernel-driver shellcode elf malware-analysis evasion hooking red-team antivirus-evasion blue-team windows-security edr-evasion bypass-protection
-
Updated
Jul 27, 2025 - C
Bypass Windows Defender with a persistent staged reverse shell using C code & metasploit framework
linux backdoor tool malware remote hacking trojan rat antivirus bypass kali-linux autorun bypassantivirus remote-access antivirus-evasion antivirus-bypass l0pa haxl0p4
-
Updated
Oct 24, 2024 - C
EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Notify Routine callbacks, Object Callbacks and ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
-
Updated
Jan 24, 2024 - C
Simple but effective methods to avoid being detected by antivirus
-
Updated
Sep 15, 2024 - C
A proof-of-concept demonstrating static antivirus evasion using AES-encrypted shellcode in C. Includes encryption script in Python and a runtime decryption/execution mechanism in Windows.
-
Updated
Apr 29, 2025 - C
Improve this page
Add a description, image, and links to the antivirus-evasion topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the antivirus-evasion topic, visit your repo's landing page and select "manage topics."