PlanqX EDR is an open-source, advanced Endpoint Detection and Response (EDR) solution for Windows, offering real-time system and network security. Features include API hooking, ELAM, ETW integration, AMSI, kernel-mode and APC callbacks, and baseline detection to provide comprehensive threat defense across boot-time and runtime.
☆27Jun 5, 2025Updated last year
Alternatives and similar repositories for PlanqX_EDR-Endpoint-Detection-and-Response
Users that are interested in PlanqX_EDR-Endpoint-Detection-and-Response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Malware - Machine Learning☆11Mar 24, 2018Updated 8 years ago
- Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development.☆13Nov 23, 2023Updated 2 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- ☆17Jan 14, 2026Updated 4 months ago
- ☆20Feb 7, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated last year
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- 带后门,自测☆24Jun 4, 2025Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆17Oct 25, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- 驱动开发工具包☆11Dec 8, 2018Updated 7 years ago
- [WIP] A FOSS hook-powered HIPS for Windows / 火绒文件防御功能开源实现☆11Jun 24, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- ☆17Jun 16, 2025Updated 11 months ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- Windows 10/11 unsigned kernel driver load/debugging☆20Feb 17, 2023Updated 3 years ago
- ☆12May 30, 2019Updated 7 years ago
- Driver Reverse & Exploitation☆82Sep 4, 2025Updated 9 months ago
- A low-entropy shellcode executor that encodes shellcode bytes into common English words, with anti-debugging capabilities.☆21Aug 10, 2025Updated 10 months ago
- Dynamic Identification and Recognition Technology☆10Nov 1, 2016Updated 9 years ago
- Exploring different process injection techniques based on malware analysis☆14Dec 28, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Advanced extra high speed deep packet inspect library with private AFDL language supported☆11Jul 29, 2018Updated 7 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆24Feb 17, 2024Updated 2 years ago
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- Vulnerable EDR☆26Nov 15, 2024Updated last year
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- A simple config parser for Apache HTTP Server config files☆13Jul 1, 2013Updated 12 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆12Jan 1, 2023Updated 3 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆14May 27, 2025Updated last year
- A socks5 proxy server with advanced remote monitoring capabilities☆31Feb 24, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Implementation of a CBS client☆22Jul 27, 2024Updated last year
- This is the AV ("protection solution") used for my windows 10 rootkit main project. this includes the installer stager program, a service…☆13May 2, 2024Updated 2 years ago
- Basic experimentation with Windows drivers.☆18Mar 3, 2023Updated 3 years ago
- my dot files in ubuntu☆10Jan 29, 2026Updated 4 months ago
- ☆20Jul 23, 2023Updated 2 years ago
- Fast API Endpoint!. This project examines, analyses the malware statically & dynamically using conventional strategies and also apply mac…☆10Apr 10, 2023Updated 3 years ago
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago