PlanqX EDR is an open-source, advanced Endpoint Detection and Response (EDR) solution for Windows, offering real-time system and network security. Features include API hooking, ELAM, ETW integration, AMSI, kernel-mode and APC callbacks, and baseline detection to provide comprehensive threat defense across boot-time and runtime.
☆26Jun 5, 2025Updated 11 months ago
Alternatives and similar repositories for PlanqX_EDR-Endpoint-Detection-and-Response
Users that are interested in PlanqX_EDR-Endpoint-Detection-and-Response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development.☆13Nov 23, 2023Updated 2 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- ☆17Jan 14, 2026Updated 4 months ago
- Exploits written while preparing for the OSED exam☆26Apr 30, 2024Updated 2 years ago
- Simple Project that Extracts PE Information.☆22Apr 4, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Windows CIFS/SMB packet generation and SMB networking library☆12Aug 25, 2020Updated 5 years ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 11 months ago
- Inject dll to process in driver☆10Aug 27, 2024Updated last year
- 带后门,自测☆25Jun 4, 2025Updated 11 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- 驱动开发工具包☆11Dec 8, 2018Updated 7 years ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Windows 10/11 unsigned kernel driver load/debugging☆20Feb 17, 2023Updated 3 years ago
- ☆12May 30, 2019Updated 6 years ago
- Fast, simple, pure Lua library for XML parsing☆18Mar 20, 2023Updated 3 years ago
- Driver Reverse & Exploitation☆82Sep 4, 2025Updated 8 months ago
- NMAP NSE that enumerates VNC authentication types☆14Dec 21, 2010Updated 15 years ago
- A low-entropy shellcode executor that encodes shellcode bytes into common English words, with anti-debugging capabilities.☆22Aug 10, 2025Updated 9 months ago
- Dynamic Identification and Recognition Technology☆10Nov 1, 2016Updated 9 years ago
- Exploring different process injection techniques based on malware analysis☆14Dec 28, 2023Updated 2 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆24Feb 17, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- Vulnerable EDR☆25Nov 15, 2024Updated last year
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- A simple config parser for Apache HTTP Server config files☆12Jul 1, 2013Updated 12 years ago
- A socks5 proxy server with advanced remote monitoring capabilities☆31Feb 24, 2024Updated 2 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆14May 27, 2025Updated 11 months ago
- Implementation of a CBS client☆22Jul 27, 2024Updated last year
- A repository for I/O ring demos, use cases and performance testing on Windows☆60Aug 2, 2022Updated 3 years ago
- This is the AV ("protection solution") used for my windows 10 rootkit main project. this includes the installer stager program, a service…☆13May 2, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Basic experimentation with Windows drivers.☆18Mar 3, 2023Updated 3 years ago
- 子域名收集工具☆18Mar 26, 2025Updated last year
- ☆20Jul 23, 2023Updated 2 years ago
- Powerful Rat/Botnet written C/C++ and Rust works on Windows, Linux and Mac OS, Android and IOT Devices Central / P2P Architecture. (Proje…☆12Apr 8, 2026Updated last month
- Simple utility to watch directory change notifications on a given path☆20Oct 6, 2017Updated 8 years ago
- 把教育信息化体系中的Word试题,Excel试卷、知识点等数据解析成json内容。☆13Mar 3, 2020Updated 6 years ago
- 通过分析流量,快速检查手机是否被APT攻击☆35Oct 19, 2025Updated 7 months ago