Alternatives and similar repositories for edr-artifacts

Users that are interested in edr-artifacts are comparing it to the libraries listed below

• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆60Updated 2 weeks ago
• MazX0p / CobaltSentry
  ☆23Updated 3 months ago
• c0nf1den71al / Lodestar-Forge
  Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
  ☆44Updated last week
• eric-conrad / c2-talk
  ☆37Updated last year
• jaredcatkinson / MalwareMorphology
  ☆80Updated 6 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆91Updated last month
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆83Updated last month
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆115Updated last year
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated 10 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆106Updated 10 months ago
• bitsadmin / lofl
  Living Off the Foreign Land setup scripts
  ☆70Updated 3 months ago
• bagelByt3s / ludus_adfs
  An Ansible collection that installs an ADFS deployment with optional configurations.
  ☆38Updated 5 months ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆48Updated 4 months ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆68Updated 2 months ago
• OtterHacker / ShareFouine
  ☆50Updated 7 months ago
• N0vaSky / NovaEDR-deploy
  ☆63Updated this week
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆89Updated last year
• SadProcessor / BloodHoundOperator
  BloodHound PowerShell client
  ☆53Updated last month
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆149Updated 7 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆84Updated 5 months ago
• Hacker-Hermanos / C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
  C2 Infrastructure Automation
  ☆98Updated 2 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆139Updated 10 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆77Updated last year
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆147Updated 3 months ago
• dsnezhkov / shutter
  ☆118Updated 4 years ago
• synacktiv / captaincredz
  CaptainCredz is a modular and discreet password-spraying tool.
  ☆110Updated 3 weeks ago
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆84Updated 2 months ago
• MorDavid / DCSyncHound
  This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)
  ☆47Updated 2 months ago
• infosecn1nja / Invoke-AtomicAssessment
  Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.
  ☆39Updated 4 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆17Updated 5 months ago