0007964: Freeze - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

ID	Project	Category	View Status	Date Submitted	Last Update

0007964	Kali Linux	[All Projects] Queued Tool Addition	public	2022-09-28 19:33	2022-09-30 13:52

Reporter	g0tmi1k	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	acknowledged	Resolution	open
Product Version
Target Version		Fixed in Version

Summary	0007964: Freeze - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Description	[Name] - Freeze [Version] - v1.1 [Homepage] - https://github.com/optiv/Freeze [Download] - https://github.com/optiv/Freeze/releases/tag/v1.1 [Author] - Optiv Security [License] - MIT [Description] - payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR hooks, but to also execute shellcode in such a way that it circumvents other endpoint monitoring controls.

Date Modified	Username	Field	Change
2022-09-28 19:33	g0tmi1k	New Issue
2022-09-30 13:52	g0tmi1k	Note Added: 0016860
2022-09-30 13:52	g0tmi1k	Status	new => acknowledged
2022-09-30 13:52	g0tmi1k	Category	New Tool Requests => Queued Tool Addition

g0tmi1k 2022-09-30 13:52 administrator ~0016860	@kali-team, please could this be packaged up.