Alternatives and similar repositories for av-edr-urls

Users that are interested in av-edr-urls are comparing it to the libraries listed below

• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 3 weeks ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆14Updated 4 months ago
• SaadAhla / APTmulate
  This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.
  ☆11Updated last month
• whokilleddb / SOAPHound
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33Updated 11 months ago
• jojonas / SharpSAMDump
  SAM Dumping in C#
  ☆48Updated 4 months ago
• scottctaylor12 / Red-Lambda
  Leveraging AWS Lambda Function URLs for C2 Redirection
  ☆33Updated last year
• ibaiC / FriendlyFireBOF
  A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.
  ☆47Updated last month
• MythicAgents / scarecrow_wrapper
  ☆17Updated 7 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆47Updated 4 months ago
• Leo4j / Invoke-ShareHunter
  Enumerate the Domain for Readable and Writable Shares
  ☆18Updated 3 months ago
• gatariee / locate-bof
  A BOF for lazy people
  ☆18Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆38Updated 9 months ago
• 0xB455 / ActiveSyncBruter
  ☆24Updated 2 months ago
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆42Updated this week
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆45Updated last year
• sudonoodle / Aggressor-Aggregator
  A helper script for consolidating Aggressor and BOF repositories into a single CNA for Cobalt Strike.
  ☆13Updated last year
• CultCornholio / RedTeamTP
  ☆23Updated this week
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆19Updated 2 months ago
• OtterHacker / ShareFouine
  ☆50Updated 6 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 10 months ago
• nyxgeek / autodiscover_enum
  time-based user enum via Basic Auth in Azure against Autodiscover
  ☆32Updated 7 months ago
• Yeeb1 / SharpRDPlusSnatcher
  Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…
  ☆16Updated last year
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 3 weeks ago
• djackreuter / proc_noprocdump
  Dump LSASS by spoofing command line arguments to procdump.
  ☆19Updated 6 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 3 months ago
• OffenseTeacher / Steganim
  ☆48Updated last year
• OtterHacker / AWSRedirector
  ☆54Updated 3 months ago
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆40Updated 6 months ago
• HulkOperator / AuthStager
  ☆55Updated 6 months ago