Enumerate active EDR's on the system
☆152Sep 23, 2025Updated 6 months ago
Alternatives and similar repositories for EnumEDRs
Users that are interested in EnumEDRs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- Shellcode injection using the Windows Debugging API☆171Jan 4, 2026Updated 2 months ago
- ☆36Jul 1, 2025Updated 8 months ago
- Python alternative to Mimikatz lsadump::dcshadow☆161Jun 24, 2025Updated 9 months ago
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via …☆119Jan 25, 2026Updated 2 months ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 7 months ago
- ☆53Sep 23, 2025Updated 6 months ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated 2 months ago
- Group Policy Objects manipulation and exploitation framework☆298Dec 7, 2025Updated 3 months ago
- ☆48Dec 5, 2025Updated 3 months ago
- Help red teams find opsec processes during engagements☆42Dec 7, 2024Updated last year
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆60Jul 13, 2025Updated 8 months ago
- Burp plugin for jxscout☆20May 12, 2025Updated 10 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆46Feb 24, 2026Updated last month
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…☆157Nov 23, 2025Updated 4 months ago
- Eve is a JAMF exploitation toolkit used to interact with locally hosted JAMF servers and those hosted on jamfcloud.com.☆42Sep 16, 2025Updated 6 months ago
- Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.☆371Aug 29, 2025Updated 6 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆212Mar 7, 2026Updated 2 weeks ago
- Arsenal of modules to beacon postex☆97Mar 13, 2026Updated last week
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Exploitation of CVE-2025-29969☆57Feb 20, 2026Updated last month
- BOF with Synthetic Stackframe☆235Oct 30, 2025Updated 4 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆97Aug 21, 2025Updated 7 months ago
- Permanently disable EDRs as local admin☆128Dec 19, 2025Updated 3 months ago
- Convert your shellcode into an ASCII string☆127Jun 27, 2025Updated 8 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- NSecSoftBYOVD POC☆58Feb 12, 2026Updated last month
- Cobalt Strike BOF for evasive .NET assembly execution☆310Mar 31, 2025Updated 11 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆256Jun 10, 2025Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Remap ntdll.dll using only NTAPI functions with a suspended process☆28Apr 13, 2025Updated 11 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- Automated Cloud Misconfiguration Testing☆23Jun 20, 2025Updated 9 months ago
- Enhance Your Active Directory Password Spraying with User Intelligence.☆318Dec 29, 2025Updated 2 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell.☆45Apr 21, 2025Updated 11 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆342Feb 2, 2026Updated last month