Ryze-T / EdrKillerView external linksLinks
☆92Jun 29, 2021Updated 4 years ago
Alternatives and similar repositories for EdrKiller
Users that are interested in EdrKiller are comparing it to the libraries listed below
Sorting:
- 利用白名单文件 cdb.exe 执行 shellcode☆215Jun 29, 2022Updated 3 years ago
- Kill Protected Process Light Process (include av)☆58Sep 15, 2023Updated 2 years ago
- (批量化改造)sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆108Jan 8, 2021Updated 5 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆343Apr 10, 2022Updated 3 years ago
- 改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能☆279Nov 28, 2023Updated 2 years ago
- ☆81Dec 24, 2021Updated 4 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- golang for socks5☆33Jun 21, 2021Updated 4 years ago
- 进行克隆用户、添加用户等账户防护安全检测的轻巧工具☆185Sep 3, 2021Updated 4 years ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆149Mar 13, 2022Updated 3 years ago
- 远程创建任务计划工具☆190Apr 23, 2022Updated 3 years ago
- A simple hidden vnc.☆33Feb 19, 2021Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 3 years ago
- ☆155Jun 18, 2024Updated last year
- 强制关闭360 需要管理员权限☆171Feb 6, 2022Updated 4 years ago
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆48Sep 27, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- golang打包二进制进行免杀☆233Apr 7, 2021Updated 4 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 4 years ago
- CobaltStrike and Google Auth twice☆63Oct 11, 2021Updated 4 years ago
- A Mimikatz For Only Extracting Login Passwords.(Bypasses Most AV's)☆59Feb 20, 2022Updated 3 years ago
- My personal shellcode loader☆32Mar 9, 2023Updated 2 years ago
- 创建隐藏计划任务,权限维持,Bypass AV☆556Sep 1, 2021Updated 4 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Sep 1, 2021Updated 4 years ago
- NOPEN Tool 又名“morerats” 莫雷斯特,是方程式工具包里的工具。☆46Mar 18, 2022Updated 3 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Windows Sandbox Framework☆40Dec 31, 2021Updated 4 years ago
- ☆342Jun 7, 2022Updated 3 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆731Sep 1, 2021Updated 4 years ago
- C# shellcode runner adapted to run from a csproj to be triggered by MSBuild☆27Feb 11, 2022Updated 4 years ago
- 调用x64dbg中的loadll.exe白加黑示例代码☆65Jun 18, 2024Updated last year
- 用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密☆251Aug 26, 2020Updated 5 years ago
- 隐藏可执行内存☆267Apr 27, 2025Updated 9 months ago
- 关于RPC一些绕EDR的tips☆198Mar 3, 2023Updated 2 years ago
- golang rpc框架,支持数据加密传输☆13Jan 19, 2026Updated 3 weeks ago
- 一款操作互不干扰的远程桌面工具☆72Feb 4, 2023Updated 3 years ago
- 基于向日葵RCE的本地权限提升,无需指定端口☆210Feb 24, 2022Updated 3 years ago
- MSFRottenPotato built as a Reflective DLL. Work in progress. Gotta love Visual C++☆31Oct 25, 2018Updated 7 years ago