0xJs / EnumEDRsLinks
Enumerate active EDR's on the system
☆148Updated 3 months ago
Alternatives and similar repositories for EnumEDRs
Users that are interested in EnumEDRs are comparing it to the libraries listed below
Sorting:
- Remote DLL Injection with Timer-based Shellcode Execution☆151Updated 5 months ago
- Convert your shellcode into an ASCII string☆124Updated 6 months ago
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆214Updated 2 months ago
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆122Updated 6 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆164Updated 5 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆149Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated last year
- Stage 0☆168Updated last year
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆90Updated 8 months ago
- Utilizng an MCP Server to communicate with your C2☆86Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆102Updated 9 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆251Updated 7 months ago
- Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.☆148Updated last month
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆196Updated 11 months ago
- Windows Persistence IT-Security☆108Updated 10 months ago
- Adversary Emulation Framework☆128Updated 6 months ago
- Shellcode injection using the Windows Debugging API☆153Updated last week
- A Mythic agent for Windows written in C☆151Updated this week
- RunPE implementation with multiple evasive techniques (2)☆265Updated 3 months ago
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆250Updated this week
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Updated 11 months ago
- Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.☆204Updated this week
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆154Updated 9 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆155Updated last year
- Command and Control (C2) framework☆132Updated 7 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆255Updated 3 months ago
- A small How-To on creating your own weaponized WSL file☆119Updated 5 months ago
- Generate an Alphabetical Polymorphic Shellcode☆136Updated 4 months ago
- PoC that downloads an executable from a public SSL certificate☆135Updated 5 months ago