amjcyber / EDRNoiseMakerLinks
Detect WFP filters blocking EDR communications
☆91Updated last year
Alternatives and similar repositories for EDRNoiseMaker
Users that are interested in EDRNoiseMaker are comparing it to the libraries listed below
Sorting:
- ☆155Updated 6 months ago
- Lateral Movement☆124Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆92Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated 11 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆201Updated 8 months ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆75Updated 2 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆76Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆80Updated 9 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- Adversary Emulation Framework☆114Updated 11 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆193Updated 2 years ago
- ☆82Updated 10 months ago
- C2 Infrastructure Automation☆103Updated this week
- Tool for viewing NTDS.dit☆169Updated 3 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 4 months ago
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- ☆119Updated 4 years ago
- ☆151Updated 4 months ago
- ☆178Updated last week
- Microsoft Graph API post-exploitation toolkit☆94Updated 11 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆116Updated 6 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆173Updated last month
- Windows Persistence IT-Security☆101Updated 3 months ago
- Default Detections for EDR