BestEdrOfTheMarket Versions Save
Little user-mode AV/EDR evasion lab for training & learning purposes
v1.1.0
1 month agoBest EDR Of The Market 1.1.0 (x64)
- Native Library API hooking
- Kernel32-level API hooking
- YARA rules integration
- Import Address Table (IAT) hooking
- New way for threads call stack Analysis
- Direct/Manual syscalls detection
- Indirect syscalls detection
- AMSI/ETW patching detection
Beta
5 months agoWindows x64 Beta Version / First release MSVC 17
- NT-Level Hooking
- Kernel32-Level Hooking
- Threads Call Stack Monitoring
- IAT Hooking
- SSN Crushing