Alternatives and similar repositories for edr-artifacts

Users that are interested in edr-artifacts are comparing it to the libraries listed below

• itaymigdal / PowerDodder
  Persist like a Dodder
  ☆61Updated last month
• jaredcatkinson / MalwareMorphology
  ☆81Updated 7 months ago
• c0nf1den71al / Lodestar-Forge
  Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
  ☆45Updated this week
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆91Updated last year
• eric-conrad / c2-talk
  ☆37Updated last year
• MazX0p / CobaltSentry
  ☆24Updated 4 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆77Updated last year
• N0vaSky / NovaEDR-deploy
  ☆73Updated last week
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆109Updated 11 months ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆49Updated 5 months ago
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆86Updated last month
• SadProcessor / BloodHoundOperator
  BloodHound PowerShell client
  ☆56Updated 2 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆92Updated last month
• sensepost / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆84Updated 3 months ago
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆90Updated last year
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆61Updated last year
• bagelByt3s / ludus_adfs
  An Ansible collection that installs an ADFS deployment with optional configurations.
  ☆39Updated 6 months ago
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆93Updated last year
• CCob / Shwmae
  ☆151Updated 4 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated 11 months ago
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆19Updated 5 months ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated 11 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 6 months ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• bitsadmin / lofl
  Living Off the Foreign Land setup scripts
  ☆70Updated 3 months ago
• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆85Updated 6 months ago
• VirtualSamuraii / flyphish
  Deploy a phishing infrastructure on the fly.
  ☆69Updated 6 months ago
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆205Updated 5 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆67Updated 2 years ago