Alternatives and similar repositories for AV-EDR-Evasion-Practical-Techniques-Course

Users that are interested in AV-EDR-Evasion-Practical-Techniques-Course are comparing it to the libraries listed below

• ASP4RUX / bypassEDR-AV
  ☆59Updated last year
• CyberSecurityUP / Windows-API-for-Red-Team
  ☆91Updated last year
• EQSTLab / CVE-2024-46538
  PfSense Stored XSS lead to Arbitrary Code Execution exploit
  ☆49Updated 11 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 5 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆125Updated 6 months ago
• 0xJs / EnumEDRs
  Enumerate active EDR's on the system
  ☆148Updated 3 months ago
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆86Updated 9 months ago
• DarkSpaceSecurity / DocEx
  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files
  ☆95Updated 8 months ago
• dmcxblue / Red-Team-Guide
  A small red team course
  ☆40Updated 2 years ago
• chebuya / exploits
  Repo for all my exploits/PoCs
  ☆53Updated 7 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆103Updated 2 years ago
• MatheuZSecurity / Imperius
  Make an Linux Kernel rootkit visible again.
  ☆59Updated 10 months ago
• pwnfuzz / POCs
  Proof Of Concepts
  ☆55Updated 5 months ago
• Leo4j / ShellGen
  PowerShell script to generate ShellCode in various formats
  ☆46Updated last year
• SaadAhla / IP-Hunter
  Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
  ☆73Updated last year
• jeanlucdupont / EXEfromCER
  PoC that downloads an executable from a public SSL certificate
  ☆136Updated 5 months ago
• macrl2000 / reaper-wu
  vulnlab.com reaper writeup
  ☆27Updated 2 years ago
• 0xBienCuit / InfraRed-AWS
  ☆62Updated 2 weeks ago
• TheSleekBoyCompany / AnsibleHound
  Go collector for adding Ansible WorX and Ansible Tower attack paths to BloodHound with OpenGraph
  ☆61Updated last week
• kn0x0x / CVE-2025-32756-POC
  Proof of Concept for CVE-2025-32756 - A critical stack-based buffer overflow vulnerability affecting multiple Fortinet products.
  ☆102Updated 6 months ago
• Print3M / ByteCaster
  Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…
  ☆206Updated 3 months ago
• CyberSecurityUP / Awesome-EDR-Evasion
  ☆103Updated 10 months ago
• RayRRT / SpicyAD
  SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack te…
  ☆82Updated this week
• R3DRUN3 / vermilion
  Linux post exploitation tool for info gathering and exfiltration 🐧📡💀
  ☆89Updated last month
• eric-conrad / c2-talk
  ☆37Updated last year
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆149Updated last year
• DarkSpaceSecurity / RunAs-Stealer
  RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
  ☆203Updated 9 months ago
• MatheuZSecurity / ModTracer
  ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.
  ☆87Updated 10 months ago
• aleemladha / SANS-Workshop-Lab
  SANS Workshop: Active Directory Privilege Escalation with Empire!
  ☆33Updated last month
• S3N4T0R-0X0 / Checkmate
  payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
  ☆110Updated last year