Mr-Un1k0d3r / EDRs
☆2,062Updated 2 years ago
Alternatives and similar repositories for EDRs:
Users that are interested in EDRs are comparing it to the libraries listed below
- ☆1,618Updated 7 months ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,520Updated 4 years ago
- Open-Source Shellcode & PE Packer☆1,925Updated last year
- A tool to kill antimalware protected processes☆1,427Updated 3 years ago
- The swiss army knife of LSASS dumping☆1,893Updated 6 months ago
- Some notes and examples for cobalt strike's functionality☆1,010Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,476Updated last year
- Template-Driven AV/EDR Evasion Framework☆1,651Updated last year
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆1,866Updated 4 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,167Updated 10 months ago
- Identifies the bytes that Microsoft Defender flags on.☆2,417Updated last year
- AV/EDR evasion via direct system calls.☆1,852Updated 2 years ago
- ☆1,452Updated last year
- The Hunt for Malicious Strings☆1,183Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks☆1,541Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,136Updated 4 years ago
- Situational Awareness commands implemented using Beacon Object Files☆1,360Updated last week
- Extract credentials from lsass remotely☆2,101Updated 3 months ago
- ☆748Updated last year
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,587Updated 2 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,376Updated 2 years ago
- AV/EDR evasion via direct system calls.☆1,622Updated 2 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆704Updated last year
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,391Updated 8 months ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,161Updated 5 years ago
- SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.☆1,226Updated 9 months ago
- ☆1,577Updated 9 months ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,795Updated last year
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,573Updated 2 years ago
- Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure …☆2,421Updated last month