EDR Lab for Experimentation Purposes
-
Updated
Jun 10, 2026 - C++
EDR Lab for Experimentation Purposes
This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library
yep full list of virustotal machines, OG REPO
A collection of Cobalt Strike Aggressor scripts.
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
ExecEvasion is a lightweight execution-evasion toolkit that generates command variants designed to bypass naive filters and WAF rules by leveraging real shell parsing behavior on Linux and Windows.
Red Team Operation's Defense Evasion Technique.
Pure-Go offensive-security primitives library: syscalls, evasion (AMSI/ETW/unhook/sleepmask), injection, PE packer, credentials, post-ex, C2. MITRE ATT&CK mapped. Authorized research only.
PadZip Evader - Binary padding and ZIP compression tool for educational anti-analysis research. Inflates executables and creates highly compressed archives to demonstrate AV/EDR evasion techniques.
A stealthy Payload (and/or DLL) injector for Windows 10/11, capable of injecting a msfvenom payload (or specified DLL) into a suspended process and evade detection
PoC implementation of the GhostWriting injection technique for x64 Windows
Beacon Object File PoC implementation of KillDefender
Complete forensic analysis of a zero-detection infostealer hidden in a pirated Adobe Illustrator 2026 installer (Set-up.exe). Includes full IOCs, MITRE ATT&CK mapping, sandbox behavior, C2 infrastructure, and incident response guidance. Defensive security research only.
MITRE ATT&CK Submission - Changing Module names at runtime
Builder for analysis-aware Windows droppers
Download Adobe Illustrator for Windows 10 and 11 using this direct installer.
Evasion and payload crafting framework — AMSI bypass, AV evasion encoding, process injection, LOLBaS, shellcode staging, and EDR fingerprinting.
Defense Impairment tactic repository covering techniques for evading detection, impairing security controls, and reducing defensive visibility during offensive operations.
A collection of MAC addresses, HWIDs, IP addresses, and more sourced from VT.
Add a description, image, and links to the defense-evasion topic page so that developers can more easily learn about it.
To associate your repository with the defense-evasion topic, visit your repo's landing page and select "manage topics."