Mr-Un1k0d3r / EDRs
☆1,980Updated last year
Related projects: ⓘ
- ☆1,457Updated 2 weeks ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,469Updated 3 years ago
- A tool to kill antimalware protected processes☆1,370Updated 3 years ago
- Open-Source Shellcode & PE Packer☆1,812Updated 7 months ago
- The swiss army knife of LSASS dumping☆1,738Updated 2 weeks ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,500Updated last year
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,009Updated 3 months ago
- Some notes and examples for cobalt strike's functionality☆969Updated 2 years ago
- ☆1,376Updated last year
- Situational Awareness commands implemented using Beacon Object Files☆1,222Updated last week
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,385Updated last year
- Template-Driven AV/EDR Evasion Framework☆1,573Updated 10 months ago
- AV/EDR evasion via direct system calls.☆1,772Updated last year
- ☆1,008Updated 9 months ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆1,669Updated 2 months ago
- The Hunt for Malicious Strings☆1,048Updated 2 years ago
- Identifies the bytes that Microsoft Defender flags on.☆2,260Updated last year
- Alternative Shellcode Execution Via Callbacks☆1,409Updated last year
- ☆718Updated 11 months ago
- AV/EDR evasion via direct system calls.☆1,518Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,024Updated 2 years ago
- Extract credentials from lsass remotely☆2,021Updated 2 months ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆676Updated 11 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,709Updated last year
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆722Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,094Updated 3 years ago
- Defences against Cobalt Strike☆1,270Updated 2 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,318Updated last year
- A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.☆1,783Updated 2 weeks ago
- Living Off The Land Drivers☆983Updated last week