PwnDexter / SharpEDRCheckerLinks
Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.
☆737Updated 3 months ago
Alternatives and similar repositories for SharpEDRChecker
Users that are interested in SharpEDRChecker are comparing it to the libraries listed below
Sorting:
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆929Updated last year
- "Golden" certificates☆707Updated last year
- Some notes and examples for cobalt strike's functionality☆1,125Updated 3 years ago
- The Hunt for Malicious Strings☆1,355Updated 8 months ago
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,291Updated 5 years ago
- Windows Local Privilege Escalation from Service Account to System☆910Updated 5 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,589Updated 2 years ago
- C# implementation of harmj0y's PowerView☆1,079Updated last year
- Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime pat…☆880Updated 4 years ago
- C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.☆431Updated last year
- ☆1,529Updated 2 years ago
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆1,011Updated 4 years ago
- SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.☆1,387Updated last year
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,395Updated 3 weeks ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆923Updated 4 years ago
- Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…☆274Updated 2 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,163Updated 4 years ago
- SharpUp is a C# port of various PowerUp functionality.☆1,445Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆747Updated 2 years ago
- C# Data Collector for the BloodHound Project, Version 3☆549Updated 3 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆829Updated 2 years ago
- ☆1,664Updated 9 months ago
- A .NET Framework 4.0 Windows Agent☆525Updated this week
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,626Updated 3 years ago
- Windows AV Evasion☆829Updated 5 years ago
- PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…☆1,080Updated last year
- A tool to help query AD via the LDAP protocol☆605Updated last year
- Get file less command execution for lateral movement.☆634Updated 3 years ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,301Updated 6 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆993Updated 3 years ago