cbecks2 / edr-artifacts

Related projects ⓘ

Alternatives and complementary repositories for edr-artifacts

• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆92Updated 4 months ago
• bitsadmin / lofl
  Living Off the Foreign Land setup scripts
  ☆63Updated 3 weeks ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆79Updated 4 months ago
• sidaf / moonshine
  ☆68Updated last year
• CCob / Shwmae
  ☆129Updated last month
• jaredcatkinson / MalwareMorphology
  ☆76Updated this week
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆67Updated 8 months ago
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆36Updated 4 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆106Updated 6 months ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆89Updated last year
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆51Updated 6 months ago
• OtterHacker / ShareFouine
  ☆44Updated 3 weeks ago
• dsnezhkov / shutter
  ☆109Updated 3 years ago
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆88Updated last year
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆83Updated 5 months ago
• ASOT-LABS / TeamsBreaker
  ☆44Updated 9 months ago
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆53Updated 3 weeks ago
• rotarydrone / GlobalUnProtect
  Decrypt GlobalProtect configuration and cookie files.
  ☆138Updated 2 months ago
• SadProcessor / BloodHoundOperator
  BloodHound PowerShell client
  ☆45Updated last month
• sevagas / Advanced_Initial_access_in_2024_OffensiveX
  Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"
  ☆123Updated 3 months ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆81Updated 10 months ago
• Hacker-Hermanos / C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
  C2 Infrastructure Automation
  ☆86Updated last week
• OmriBaso / BesoToken
  A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
  ☆93Updated 2 years ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 6 months ago
• skelsec / adiskreader
  Async Python library to parse local and remote disk images.
  ☆75Updated 2 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆139Updated 4 months ago
• morRubin / NegoExRelay
  ☆83Updated 2 years ago
• GhostPack / RAGnarok
  A Nemesis powered Retrieval-Augmented Generation (RAG) chatbot proof-of-concept.
  ☆53Updated 8 months ago
• S3N4T0R-0X0 / APT28-Adversary-Simulation
  This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
  ☆30Updated 5 months ago