Alternatives and similar repositories for GoodbyeEDR

Users that are interested in GoodbyeEDR are comparing it to the libraries listed below

• wilszdev / SchtasksUacBypass
  bypass UAC even when configured to always notify user
  ☆29Updated 4 years ago
• scareing / UAC_wenpon
  UAC_wenpon
  ☆49Updated 4 years ago
• knightswd / ProcessGhosting
  ☆74Updated 4 years ago
• timwhitez / killProcessPOC
  use aswArPot.sys to kill process
  ☆68Updated 3 years ago
• Rvn0xsy / AsmShellcodeLoader
  汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/
  ☆78Updated 3 years ago
• NoOne-hub / bypass-BeaconEye
  bypass BeaconEye
  ☆89Updated 4 years ago
• w1u0u1 / kt
  Kernel file/process/object tool
  ☆69Updated 4 years ago
• Jeffry38 / HiddenVNC
  A simple hidden vnc.
  ☆33Updated 4 years ago
• timwhitez / Spoofing-Gate
  (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll
  ☆44Updated 3 years ago
• timwhitez / Doge-Unhook
  DLL Unhooking
  ☆13Updated 4 years ago
• y11en / BabyBypass
  看起来叫BabyBypass，实际啥都会记一些
  ☆16Updated 2 years ago
• w1u0u1 / nanodump
  A flexible tool that creates a minidump of the LSASS process
  ☆14Updated 3 years ago
• JDArmy / Lsass-Shtinkering
  dump lsass tool
  ☆38Updated 3 years ago
• th3k3ymak3r / minbeacon
  A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.
  ☆26Updated 3 years ago
• evilashz / ProxyAPICall
  Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI
  ☆34Updated 2 years ago
• akkuman / gSigFlip
  A SigFlip implement in golang
  ☆51Updated 3 years ago
• lab52io / StealAllTokens
  This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…
  ☆57Updated 4 years ago
• sailay1996 / PrintNightmare-LPE
  CVE-2021-1675 (PrintNightmare)
  ☆77Updated 4 years ago
• evilashz / CVE-2021-1675-LPE-EXP
  PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527
  ☆58Updated 4 years ago
• ch3rn0byl / HookedRDP
  ☆52Updated 6 years ago
• timwhitez / Doge-RecycledGate
  Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;
  ☆32Updated 3 years ago
• timwhitez / Doge-PX
  DPX - the Doge Packer for eXecutables
  ☆29Updated 4 years ago
• y11en / lm_tools
  横向移动三剑客 ( Lateral movement tools)
  ☆30Updated 4 years ago
• crisprss / goHashDumper
  用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现
  ☆25Updated 4 years ago
• WBGlIl / ReflectiveDLL_Patch
  ☆37Updated 5 years ago
• bestspear / ReBeacon_ForClang
  Beacon compiled using clang
  ☆72Updated 2 years ago
• WBGlIl / Beacon_re
  ☆89Updated 3 years ago
• morph3 / Windows-RPC-Backdoor
  Simple windows rpc server for research purposes only
  ☆83Updated 3 years ago
• Kara-4search / DInvoke_shellcodeload_CSharp
  ShellCodeLoader via DInvoke
  ☆60Updated 4 years ago
• ghost5egy / Shellcode-Ghost
  ☆13Updated 3 years ago