huoji120 / DuckSysEyeLinks
SysEye是一个window上的基于att&ck现代EDR设计思想的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
☆63Updated 3 years ago
Alternatives and similar repositories for DuckSysEye
Users that are interested in DuckSysEye are comparing it to the libraries listed below
Sorting:
- 一款基于Http.sys的利用工具☆191Updated 2 years ago
- 利用图片隐写术来远程动态加载shellcode☆98Updated 2 years ago
- Windows一键检测应急响应服务工具/r3数据采集☆99Updated 3 years ago
- 🔥开源跨平台轻量级病毒特征检测引擎。Open source cross-platform lightweight virus signature detection engine.👍👍👍☆52Updated 2 years ago
- CobaltStrikeDetect☆49Updated 3 months ago
- windows黑客编程基础(C\C++)☆44Updated 6 years ago
- ☆155Updated last year
- Linux下用于远程加载可执行文件以达到内存加载的目的☆203Updated 2 years ago
- [windows]pe -> shellcode -> shellcodeLoader -> (pe2shellcode go on?)☆78Updated 3 years ago
- A tool for quickly generating fishing Trojan horse.☆97Updated 4 years ago
- 远程创建任务计划工具☆189Updated 3 years ago
- ☆81Updated 6 years ago
- 基于行为特征进行快速匹配病毒专杀工具,辅助应急响应☆37Updated 5 years ago
- ☆68Updated 3 years ago
- C++枚举磁盘列表、遍历指定盘搜索特定类型文件/微信导出密钥,文件回传等功能☆153Updated 2 years ago
- 利用inline hook免杀绕过360,vt爆3个☆63Updated 3 years ago
- windows pc 端杀毒软件识别(需要tasklist 命令执行的结果)☆43Updated 4 years ago
- 过360拦截加载无驱动签名☆60Updated 4 years ago
- 40行代码检测到大部分CobaltStrike的shellcode☆291Updated 4 years ago
- Offensive C# Tooling☆101Updated last year
- ☆92Updated 4 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Updated 4 years ago
- Cobalt Strike < 4.4 dos CVE-2021-36798☆37Updated 4 years ago
- 记录一下我学习的Win32CPP☆55Updated 2 months ago
- 模拟cobalt strike beacon上线包. Simulation cobalt strike beacon connection packet.☆78Updated 3 years ago
- 调用x64dbg中的loadll.exe白加黑示例代码☆64Updated last year
- ��替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆149Updated 3 years ago
- exp for CVE-2019-0887☆18Updated 4 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆194Updated last year
- 利用 NTLMSSP 探测 Windows 信息☆172Updated 3 years ago