cbecks2 / edr-artifactsLinks
This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
☆79Updated 9 months ago
Alternatives and similar repositories for edr-artifacts
Users that are interested in edr-artifacts are comparing it to the libraries listed below
Sorting:
- Persist like a Dodder☆60Updated 2 weeks ago
- ☆23Updated 3 months ago
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆44Updated last week
- ☆37Updated last year
- ☆80Updated 6 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆91Updated last month
- Living off the land searches for explorer and sharepoint☆83Updated last month
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆115Updated last year
- Microsoft Graph API post-exploitation toolkit☆94Updated 10 months ago
- Adversary Emulation Framework☆106Updated 10 months ago
- Living Off the Foreign Land setup scripts☆70Updated 3 months ago
- An Ansible collection that installs an ADFS deployment with optional configurations.☆38Updated 5 months ago
- a tiny program to consume from ETW providers for research☆48Updated 4 months ago
- Utilities for obfuscating shellcode☆68Updated 2 months ago
- ☆50Updated 7 months ago
- ☆63Updated this week
- Detect WFP filters blocking EDR communications☆89Updated last year
- BloodHound PowerShell client☆53Updated last month
- A Python POC for CRED1 over SOCKS5☆149Updated 7 months ago
- Tool to extract username and password of current user from PanGPA in plaintext☆84Updated 5 months ago
- C2 Infrastructure Automation☆98Updated 2 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆139Updated 10 months ago
- Yara Rules for Modern Malware☆77Updated last year
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 3 months ago
- ☆118Updated 4 years ago
- CaptainCredz is a modular and discreet password-spraying tool.☆110Updated 3 weeks ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆84Updated 2 months ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆47Updated 2 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆39Updated 4 months ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆17Updated 5 months ago