Enumerate active EDR's on the system
☆154Sep 23, 2025Updated 8 months ago
Alternatives and similar repositories for EnumEDRs
Users that are interested in EnumEDRs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Windows tool that converts LDIF files to BloodHound CE☆32Dec 20, 2025Updated 5 months ago
- Shellcode injection using the Windows Debugging API☆178Jan 4, 2026Updated 4 months ago
- ☆37Jul 1, 2025Updated 10 months ago
- Python alternative to Mimikatz lsadump::dcshadow☆162Jun 24, 2025Updated 11 months ago
- PowerShell SharePoint extraction + auditing tool for red/blue/purple teams. Enumerates all SharePoint sites/drives a user can access via …☆162Jan 25, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- ☆52Mar 30, 2026Updated last month
- .NET tool used to enrich RPC telemetry☆102Jan 24, 2026Updated 4 months ago
- Group Policy Objects manipulation and exploitation framework☆308Dec 7, 2025Updated 5 months ago
- ☆50Dec 5, 2025Updated 5 months ago
- Help red teams find opsec processes during engagements☆44Dec 7, 2024Updated last year
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports☆61Jul 13, 2025Updated 10 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 3 months ago
- Burp plugin for jxscout☆21May 12, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.☆378Aug 29, 2025Updated 8 months ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…☆163Nov 23, 2025Updated 6 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆224Mar 7, 2026Updated 2 months ago
- Eve is a JAMF exploitation toolkit used to interact with locally hosted JAMF servers and those hosted on jamfcloud.com.☆50May 1, 2026Updated 3 weeks ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 9 months ago
- Exploitation of CVE-2025-29969☆65Feb 20, 2026Updated 3 months ago
- BOF with Synthetic Stackframe☆247Oct 30, 2025Updated 6 months ago
- Convert your shellcode into an ASCII string☆129Jun 27, 2025Updated 10 months ago
- NSecSoftBYOVD POC☆60Feb 12, 2026Updated 3 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Arsenal of modules to beacon postex☆103Mar 13, 2026Updated 2 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆210Dec 25, 2024Updated last year
- Permanently disable EDRs as local admin☆129Dec 19, 2025Updated 5 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆319Mar 31, 2025Updated last year
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆262Jun 10, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆151Feb 10, 2025Updated last year
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆19Jun 26, 2025Updated 10 months ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 11 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Enhance Your Active Directory Password Spraying with User Intelligence.☆323Dec 29, 2025Updated 4 months ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆28Apr 13, 2025Updated last year
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 9 months ago
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆126Apr 29, 2026Updated 3 weeks ago
- b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell.☆45Apr 21, 2025Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆109Aug 21, 2025Updated 9 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year