0007964: Freeze - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

ID	Project	Category	View Status	Date Submitted	Last Update

0007964	Kali Linux	Queued Tool Addition	public	2022-09-28 19:33	2022-09-30 13:52

Reporter	g0tmi1k	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	acknowledged	Resolution	open

Summary	0007964: Freeze - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Description	[Name] - Freeze [Version] - v1.1 [Homepage] - https://github.com/optiv/Freeze [Download] - https://github.com/optiv/Freeze/releases/tag/v1.1 [Author] - Optiv Security [License] - MIT [Description] - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR hooks, but to also execute shellcode in such a way that it circumvents other endpoint monitoring controls.

Date Modified	Username	Field	Change
2022-09-28 19:33	g0tmi1k	New Issue
2022-09-30 13:52	g0tmi1k	Note Added: 0016860
2022-09-30 13:52	g0tmi1k	Status	new => acknowledged
2022-09-30 13:52	g0tmi1k	Category	New Tool Requests => Queued Tool Addition

g0tmi1k 2022-09-30 13:52 administrator ~0016860	@kali-team, please could this be packaged up.