New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes

**EDRChoker** is an open-source red-team tool that leverages Windows Policy-Based Quality of Service (QoS) via pacer.sys to throttle EDR agent network traffic to near-zero, preventing cloud-connected EDR agents from completing TLS handshakes or contacting their management servers and thereby evading WFP-level detections; the tool auto-generates per-process GUID-named QoS policies that persist across reboots and includes install and remove modes.