0xsp-SRD / mortar

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
MIT License
1.41k stars 226 forks

Detected by windows defender #12

TH3P1T closed 2 years ago

TH3P1T commented 2 years ago

Both agressor and deliver are detected by Windows Defender.

lawrenceamer commented 2 years ago

Thanks for the testing. Yeah, I have noticed that it has been detected, but since WD uses static analysis for detection, any possible modification to the main unit could do the bypass. I have already bypassed it now; not going to publish it soon.

kboykov commented 2 years ago

As of 14.03.22 it is still detectable by WD... Can you give us any suggestions on what to change in the code in order to evade static analysis?

lawrenceamer commented 2 years ago

I will post a small modification soon, especially for Windows Defender, while defeating others will be pushed into the early access repo.

lawrenceamer commented 2 years ago

solved