cbecks2 / edr-artifactsLinks
This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
☆89Updated 11 months ago
Alternatives and similar repositories for edr-artifacts
Users that are interested in edr-artifacts are comparing it to the libraries listed below
Sorting:
- Persist like a Dodder☆62Updated 2 months ago
- ☆24Updated 5 months ago
- ☆81Updated 8 months ago
- ☆73Updated last week
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆42Updated 6 months ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆21Updated 7 months ago
- ☆37Updated last year
- ☆69Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆129Updated 6 months ago
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆42Updated last week
- Detect WFP filters blocking EDR communications☆93Updated last year
- a tiny program to consume from ETW providers for research☆50Updated 6 months ago
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆80Updated this week
- Microsoft Graph API post-exploitation toolkit☆94Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆167Updated 9 months ago
- Default Detections for EDR☆96Updated last year
- A simple tool designed to create Atomic Red Team tests with ease.☆45Updated 4 months ago
- ☆156Updated 6 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆126Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆94Updated last year
- Living Off the Foreign Land setup scripts☆70Updated 5 months ago
- Decrypt GlobalProtect configuration and cookie files.☆150Updated 10 months ago
- An Ansible collection that installs an ADFS deployment with optional configurations.☆42Updated 7 months ago
- ☆46Updated last year
- Active C&C Detector☆155Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆94Updated 3 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- ☆84Updated 2 years ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆34Updated last year
- A Nemesis powered Retrieval-Augmented Generation (RAG) chatbot proof-of-concept.☆62Updated last year