EDR-Antivirus-Bypass

A proof-of-concept for bypassing EDR and antivirus solutions to gain shell access via memory injection.

Introduction

This repository contains a proof-of-concept (PoC) for bypassing EDR and antivirus solutions using a memory injection technique. The code executes shellcode that spawns a reverse shell, and the author reports that it evaded detection by the security products it was tested against.

Key Features:
  • Bypasses standard EDR and antivirus solutions.
  • Executes shellcode in memory to create a reverse shell.
  • Utilizes Windows API functions such as VirtualAlloc and CreateThread for payload injection.
  • Tested on Windows 11 Pro; a Kali Linux host is used for the reverse shell listener.
Benefits:
  • Demonstrates advanced techniques for evading security tools.
  • Educational resource for understanding EDR and antivirus bypass methods.
  • Provides a framework for further development and testing of security evasion techniques.
Highlights:
  • Includes detailed steps for compiling and running the code.
  • Offers additional bypass techniques for advanced EDR solutions.
  • Disclaimer: For educational purposes only; use responsibly in authorized environments.
