research poc
Malice: A Go-based Malware Development and EDR Evasion Toolkit Published on GitHubmalice
The 'malice' repository by redt1de provides a Go-based toolkit for malware development and EDR evasion, featuring multiple syscall techniques, call stack spoofing, and other evasion methods. It serves as a proof-of-concept demonstrating how attackers can bypass endpoint security products using advanced techniques. The toolkit includes implementations like direct/indirect syscalls, hardware breakpoint syscalls, and SilentMoonwalk desync, posing a threat to EDR detection capabilities.