Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AVs, EDRs and logging tools.
☆278 · Oct 9, 2023 · Updated 2 years ago
Alternatives and similar repositories for Invoke-EDRChecker
Users that are interested in Invoke-EDRChecker are comparing it to the libraries listed below.
- Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories,… ☆750 · Feb 24, 2026 · Updated last month
- Python3 tool to perform password spraying using RDP ☆669 · Aug 17, 2023 · Updated 2 years ago
- Create a list of possible usernames for bruteforcing ☆82 · Feb 18, 2024 · Updated 2 years ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, … ☆936 · Nov 11, 2024 · Updated last year
- "Golden" certificates ☆709 · Aug 17, 2024 · Updated last year
- Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS. ☆2,434 · Feb 24, 2023 · Updated 3 years ago
- Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient ☆1,561 · Oct 17, 2022 · Updated 3 years ago
- ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell) ☆421 · Aug 20, 2024 · Updated last year
- Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensi… ☆4,541 · Jan 10, 2025 · Updated last year
- The Hunt for Malicious Strings ☆1,374 · May 13, 2025 · Updated 11 months ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆847 · Mar 11, 2021 · Updated 5 years ago
- Recon-AD, an AD recon tool based on ADSI and reflective DLLs ☆331 · Oct 20, 2019 · Updated 6 years ago
- Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head… ☆595 · Jul 26, 2021 · Updated 4 years ago
- A simple COM server which provides a component to run shellcode ☆148 · May 12, 2020 · Updated 5 years ago
- I used this to see if an EDR is running in Safe Mode ☆36 · Feb 13, 2021 · Updated 5 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems ☆203 · Jul 14, 2021 · Updated 4 years ago
- Identifies the bytes that Microsoft Defender flags on. ☆2,588 · Dec 31, 2025 · Updated 3 months ago
- Get fileless command execution for lateral movement. ☆637 · Jun 3, 2022 · Updated 3 years ago
- A method of bypassing EDR's active projection DLLs by preventing entry point execution ☆1,166 · Mar 31, 2021 · Updated 5 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit ☆257 · Dec 2, 2021 · Updated 4 years ago
- A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement. ☆2,099 · Nov 20, 2025 · Updated 4 months ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects ☆251 · Sep 26, 2020 · Updated 5 years ago
- Windows Local Privilege Escalation from Service Account to System ☆933 · Feb 23, 2020 · Updated 6 years ago
- Trying to tame the three-headed dog. ☆4,960 · Nov 14, 2025 · Updated 5 months ago
- Privilege Escalation Enumeration Script for Windows ☆3,806 · Updated this week
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP… ☆1,321 · Dec 15, 2020 · Updated 5 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i… ☆3,217 · Aug 7, 2025 · Updated 8 months ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies ☆325 · Apr 8, 2023 · Updated 3 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se… ☆169 · Aug 10, 2020 · Updated 5 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py ☆617 · Feb 16, 2023 · Updated 3 years ago
- .Net Assembly to block ETW telemetry in current process ☆81 · May 14, 2020 · Updated 5 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit ☆845 · Dec 2, 2023 · Updated 2 years ago
- C# Script used for Red Team ☆722 · Nov 16, 2021 · Updated 4 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files ☆774 · Sep 4, 2024 · Updated last year
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from … ☆1,101 · Jul 26, 2021 · Updated 4 years ago
- .NET 4.0 WinRM API Command Execution ☆166 · Sep 11, 2020 · Updated 5 years ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. ☆258 · Mar 6, 2025 · Updated last year
- PoC to demonstrate how CLR ETW events can be tampered. ☆192 · Mar 26, 2020 · Updated 6 years ago
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat… ☆881 · Mar 29, 2021 · Updated 5 years ago