pentestpartners.com

Patchless AMSI bypass using SharpBlock

For those that followed my personal blog posts on Creating an EDR and Bypassing It, I developed a new tool called SharpBlock. The tool implements a Windows debugger to prevent EDR’s or any other DLL ...
GitHub

README.md

A method of bypassing EDR's active projection DLL's by preventing entry point execution. SharpBlock by @_EthicalChaos_ DLL Blocking app for child processes x64 -e, --exe=VALUE Program to execute ...