CyberShield 2025 Intro to EDR Evasion Class
☆18Jun 3, 2025Updated last year
Alternatives and similar repositories for Intro-to-EDR-Evasion
Users that are interested in Intro-to-EDR-Evasion are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple to use single-include Windows API resolver☆22Jul 9, 2024Updated 2 years ago
- A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.☆26May 4, 2023Updated 3 years ago
- ArrayAdapter which follows the RecyclerView API☆12Jun 27, 2022Updated 4 years ago
- Impersonate Windows tokens in Nim☆22Aug 4, 2025Updated 11 months ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆20Oct 15, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A Sublime Text plugin that allows for Nmap syntax highlighting☆13Sep 14, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆31Jul 21, 2025Updated 11 months ago
- Windows C++ Implant for Exploration C2☆49May 11, 2026Updated last month
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- Updated version of a long known self deletion technique to work with 24H2.☆62Jun 9, 2025Updated last year
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- A collection of sample code used in some experiments with Sliver C2☆17Mar 28, 2023Updated 3 years ago
- Docker container for running CobaltStrike 4.7 and above☆25Mar 20, 2025Updated last year
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆76Aug 24, 2025Updated 10 months ago
- A DLL Injector written in Python with no dependencies.☆21Sep 12, 2023Updated 2 years ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 3 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- ☆45Jul 17, 2025Updated 11 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 6 months ago
- Backend development stack for agents☆29Jul 30, 2025Updated 11 months ago
- Citrix CVE-2023-4966 from assetnote modified for parallel and file handling☆11Oct 25, 2023Updated 2 years ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 10 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs.☆13May 28, 2025Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆86Jul 25, 2025Updated 11 months ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated 2 years ago
- Thats it! An Open-Source Windows UEFI Rootkit☆39Jul 19, 2025Updated 11 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆74Dec 26, 2025Updated 6 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆107Feb 25, 2025Updated last year
- Shellcode injection using the Windows Debugging API☆183Jan 4, 2026Updated 6 months ago
- CipherRun is an ethical hacking tool used to execute shellcode easily while bypassing antivirus solutions.☆12Jan 30, 2024Updated 2 years ago
- Situational Awareness script to identify how and where to run implants☆70Dec 6, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A Vagrantfile and Ansible playbook that can be used to setup test environment with an Exchange server host☆25Jun 14, 2023Updated 3 years ago
- ☆49Apr 9, 2025Updated last year
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆139Jan 28, 2026Updated 5 months ago
- General Purpose OpSec Server☆114Mar 13, 2026Updated 3 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated 5 months ago
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year
- ☆72Dec 19, 2024Updated last year