PlanqX EDR is an open-source, advanced Endpoint Detection and Response (EDR) solution for Windows, offering real-time system and network security. Features include API hooking, ELAM, ETW integration, AMSI, kernel-mode and APC callbacks, and baseline detection to provide comprehensive threat defense across boot-time and runtime.
☆25Jun 5, 2025Updated 10 months ago
Alternatives and similar repositories for PlanqX_EDR-Endpoint-Detection-and-Response
Users that are interested in PlanqX_EDR-Endpoint-Detection-and-Response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Mavoc is an Automated c2 Windows and Linux Pentesting Tool used to generate reverse shell and deploy attacking scripts to host machines…☆45Feb 4, 2024Updated 2 years ago
- Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development.☆12Nov 23, 2023Updated 2 years ago
- TP link AC600 Drivers for All Linux distros☆24Mar 16, 2024Updated 2 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- Commands and Scripts to attack Linux and Servers☆38May 1, 2025Updated 11 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- An automated tool kit that clones sites and builds malicious javascript , deploys public Tunneling and send info through telegram Bot☆59Mar 2, 2025Updated last year
- Exploits written while preparing for the OSED exam☆25Apr 30, 2024Updated last year
- Simple Project that Extracts PE Information.☆22Apr 4, 2025Updated last year
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 10 months ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- All my POC related to malware development☆15Feb 19, 2026Updated last month
- AIDA64DRIVER Elevation of Privilege Vulnerability☆17Oct 25, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- 驱动开发工具包☆11Dec 8, 2018Updated 7 years ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- ☆17Jun 16, 2025Updated 9 months ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- ☆12May 30, 2019Updated 6 years ago
- Fast, simple, pure Lua library for XML parsing☆17Mar 20, 2023Updated 3 years ago
- NMAP NSE that enumerates VNC authentication types☆14Dec 21, 2010Updated 15 years ago
- Driver Reverse & Exploitation☆82Sep 4, 2025Updated 7 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A low-entropy shellcode executor that encodes shellcode bytes into common English words, with anti-debugging capabilities.☆22Aug 10, 2025Updated 7 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 10 months ago
- Exploring different process injection techniques based on malware analysis☆14Dec 28, 2023Updated 2 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆23Feb 17, 2024Updated 2 years ago
- A code-searching tool similar to ack, but faster.☆12Nov 1, 2022Updated 3 years ago
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- Vulnerable EDR☆24Nov 15, 2024Updated last year
- A simple config parser for Apache HTTP Server config files☆12Jul 1, 2013Updated 12 years ago
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆13Jan 1, 2023Updated 3 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆14May 27, 2025Updated 10 months ago
- Implementation of a CBS client☆21Jul 27, 2024Updated last year
- MiniEDR is a kernel-mode process monitor that logs creations & terminations via a named pipe. Built for research & learning, exploring Wi…☆18Feb 19, 2025Updated last year
- This is the AV ("protection solution") used for my windows 10 rootkit main project. this includes the installer stager program, a service…☆13May 2, 2024Updated last year
- Basic experimentation with Windows drivers.☆17Mar 3, 2023Updated 3 years ago
- 子域名收集工具☆18Mar 26, 2025Updated last year