EDR Killer

GitHub - netero1010/EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.GitHub

GitHub - cpu0x00/EternelSuspention: a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it uselessGitHub

GitHub - zer0condition/mhydeath: Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.GitHub

BYOVD

GitHub - ph4nt0mbyt3/Darkside: C# AV/EDR Killer using less-known driver (BYOVD)GitHub

Physical Access

GitHub - lkarlslund/nifo: Nuke It From Orbit - remove AV/EDR with physical accessGitHub