Check out the "Process of Step-by-Step" by Yarden Shafir — a great resource that breaks it down clearly.

Debugging AV

From a C project through assembly to shellcode Hasherezade

Methodology

AIYA MMD - means Attack and Introduction or (Android and IOS), start Your Adventure in Mobile Malware Development. also AIYA means AIYA Nurkhankyzy.

Obfusk8 is a lightweight, header-only C++17 library designed to significantly enhance the obfuscation of your applications, making reverse engineering a substantially more challenging endeavor. It achieves this through a diverse set of compile-time and runtime techniques aimed at protecting your code's logic and data.

Call stacks are an understated yet often important source of telemetry for EDR products. They can provide vital context to an event and be an extremely powerful tool in determining false positives from true positives (especially for credential theft events such as handle access to lsass).

A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess