EDR-Antivirus-Bypass
This repository contains a proof-of-concept (PoC) for bypassing EDR and antivirus products with an in-memory shellcode execution technique. The code loads reverse-shell shellcode into memory and runs it from there; in the author's testing it was not detected by the security products it was run against.
Key Features:
- Evaded the EDR and antivirus products it was tested against. Evasion results are product- and version-specific, so re-test against the current build of each product before relying on them.
- Executes shellcode in memory to create a reverse shell.
- Uses Windows API calls to stage and run the payload in its own process: VirtualAlloc to allocate memory for the shellcode and CreateThread to start a thread at that address.
- Tested on Windows 11 Pro as the target; the reverse shell connects back to a listener on a Kali Linux host, which the setup steps assume.
Benefits:
- Demonstrates in-memory shellcode execution as an evasion technique against security tools.
- Educational resource for understanding how EDR and antivirus bypasses work, and therefore what telemetry defenders need in order to catch them.
- Provides a starting point for further development and testing of evasion techniques.
Highlights:
- Includes detailed steps for compiling and running the code.
- Offers additional bypass techniques aimed at more capable EDR solutions.
- Disclaimer: for educational purposes only; run it only in environments you are authorized to test.