Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/zer0condition/mhydeath
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
https://github.com/zer0condition/mhydeath
Last synced: 2 months ago
JSON representation
Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
- Host: GitHub
- URL: https://github.com/zer0condition/mhydeath
- Owner: zer0condition
- Created: 2023-08-22T07:15:36.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2023-08-22T08:01:04.000Z (over 1 year ago)
- Last Synced: 2024-08-02T19:39:13.784Z (6 months ago)
- Language: C++
- Homepage:
- Size: 18.3 MB
- Stars: 365
- Watchers: 6
- Forks: 63
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-edr-bypass - zer0condition/mhydeath: Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
README
# mhydeath
Abusing mhyprotect (not mhyprot2) to kill AVs / EDRs / XDRs / Protected Processes.
# Resources
https://github.com/ZeroMemoryEx/Terminator
https://github.com/kkent030315/evil-mhyprot-cli
# Demo
Crowdstrike Falcon and MsDefender
