PlanqX EDR is an open-source, advanced Endpoint Detection and Response (EDR) solution for Windows, offering real-time system and network security. Features include API hooking, ELAM, ETW integration, AMSI, kernel-mode and APC callbacks, and baseline detection to provide comprehensive threat defense across boot-time and runtime.
☆27Jun 5, 2025Updated last year
Alternatives and similar repositories for PlanqX_EDR-Endpoint-Detection-and-Response
Users that are interested in PlanqX_EDR-Endpoint-Detection-and-Response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Malware - Machine Learning☆11Mar 24, 2018Updated 8 years ago
- Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development.☆13Nov 23, 2023Updated 2 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- ☆17Jan 14, 2026Updated 5 months ago
- Exploits written while preparing for the OSED exam☆27Apr 30, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated last year
- 带后门,自测☆25Jun 4, 2025Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- All my POC related to malware development☆15Feb 19, 2026Updated 4 months ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆17Oct 25, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- 驱动开发工具包☆11Dec 8, 2018Updated 7 years ago
- [WIP] A FOSS hook-powered HIPS for Windows / 火绒文件防御功能开源实现☆11Jun 24, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆18Jun 16, 2025Updated last year
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- Windows 10/11 unsigned kernel driver load/debugging☆21Feb 17, 2023Updated 3 years ago
- ☆12May 30, 2019Updated 7 years ago
- Driver Reverse & Exploitation☆82Sep 4, 2025Updated 9 months ago
- A low-entropy shellcode executor that encodes shellcode bytes into common English words, with anti-debugging capabilities.☆21Aug 10, 2025Updated 10 months ago
- Dynamic Identification and Recognition Technology☆11Nov 1, 2016Updated 9 years ago
- Exploring different process injection techniques based on malware analysis☆14Dec 28, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Advanced extra high speed deep packet inspect library with private AFDL language supported☆11Jul 29, 2018Updated 7 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆24Feb 17, 2024Updated 2 years ago
- A code-searching tool similar to ack, but faster.☆12Nov 1, 2022Updated 3 years ago
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- Vulnerable EDR☆26Nov 15, 2024Updated last year
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- A simple config parser for Apache HTTP Server config files☆13Jul 1, 2013Updated 13 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK)☆12Jan 1, 2023Updated 3 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆14May 27, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A socks5 proxy server with advanced remote monitoring capabilities☆31Feb 24, 2024Updated 2 years ago
- Implementation of a CBS client☆22Jul 27, 2024Updated last year
- This is the AV ("protection solution") used for my windows 10 rootkit main project. this includes the installer stager program, a service…☆13May 2, 2024Updated 2 years ago
- Basic experimentation with Windows drivers.☆18Mar 3, 2023Updated 3 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- Fast API Endpoint!. This project examines, analyses the malware statically & dynamically using conventional strategies and also apply mac…☆10Apr 10, 2023Updated 3 years ago
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago