Welcome!

The Tradecraft Garden is an open source corpora of in-memory evasion tradecraft, both load and runtime, packaged into position-independent DLL loaders.

The technical push of this project is to decompose evasion tradecraft into self-contained units of execution, separate from C2 frameworks. These tradecrafts separated from functionality are security ground truth. These ground truth outputs have uses for:

• Breach and Attack Simulation
• Detection Engineering
• EDR Test and Evaluation
• Security Testing Exercises

The broader goal of Tradecraft Garden is to:

• inform the security conversation
• serve as a public good resource for others to build on
• demonstrate ideas, in context, while serving multiple security use cases and communities

Latest News

• June 4, 2025 - Planting a Tradecraft Garden - Initial release