Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/zer0condition/mhydeath
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
https://github.com/zer0condition/mhydeath
Last synced: about 2 months ago
JSON representation
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
- Host: GitHub
- URL: https://github.com/zer0condition/mhydeath
- Owner: zer0condition
- Created: 2023-08-22T07:15:36.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2023-08-22T08:01:04.000Z (about 1 year ago)
- Last Synced: 2024-06-11T03:35:06.069Z (3 months ago)
- Language: C++
- Homepage:
- Size: 18.3 MB
- Stars: 350
- Watchers: 6
- Forks: 63
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-edr-bypass - zer0condition/mhydeath: Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
README
# mhydeath
Abusing mhyprotect (not mhyprot2) to kill AVs / EDRs / XDRs / Protected Processes.
# Resources
https://github.com/ZeroMemoryEx/Terminator
https://github.com/kkent030315/evil-mhyprot-cli
# Demo
Crowdstrike Falcon and MsDefender
