huoji120 / DuckSysEye
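SysEye is a threat response tool for Windows built on ATT&CK-based modern EDR design principles. It effectively detects common unknown and known threats. A sharp sword for defenders.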
☆63 · Aug 23, 2022 · Updated 3 years ago
Alternatives and similar repositories for DuckSysEye
Users that are interested in DuckSysEye are comparing it to the libraries listed below
- Main project of the 鸭鸭咖啡馆 (Duck Duck Café) ☆16 · Sep 29, 2022 · Updated 3 years ago
- 戎码之眼 is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for defenders. ☆537 · Oct 25, 2023 · Updated 2 years ago
- Quickly dealing with the autochk.sys rootkit ☆73 · Mar 7, 2023 · Updated 2 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- Golang AV-evasion binder ☆22 · Apr 7, 2022 · Updated 3 years ago
- 无影脚 - a command-line log file processing tool ☆52 · Nov 15, 2022 · Updated 3 years ago
- ksc4cpp is a shellcode framework for the Windows kernel based on C++ ☆22 · Feb 10, 2023 · Updated 3 years ago
- TCP port reuse program ☆72 · Aug 7, 2022 · Updated 3 years ago
- CVE-2021-4034 for single command ☆10 · May 31, 2022 · Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 · May 11, 2022 · Updated 3 years ago
- A self-rescue project for losers! Let's walk toward the light together!!! ☆11 · May 7, 2022 · Updated 3 years ago
- Detects the vast majority of so-called in-memory AV-evading trojans ☆735 · Sep 15, 2022 · Updated 3 years ago
- enc8 password collision script ☆33 · Jan 31, 2023 · Updated 3 years ago
- Detect most CobaltStrike shellcode in 40 lines of code ☆293 · Jul 25, 2021 · Updated 4 years ago
- Microsoft Exchange Server SSRF vulnerability (CVE-2021-26855) ☆36 · Mar 6, 2021 · Updated 4 years ago
- Druid ciphertext decryption tool ☆137 · Dec 9, 2020 · Updated 5 years ago
- CobaltStrike Malleable Profile ☆23 · May 16, 2022 · Updated 3 years ago
- Blue team incident response tool ☆541 · Jun 10, 2024 · Updated last year
- Process Creation, Image Load and Thread Creation Notification ☆13 · Sep 15, 2023 · Updated 2 years ago
- Make Etwhook great again! Make InfinityHook Great Again! ☆147 · Jun 24, 2021 · Updated 4 years ago
- Red team incident response tool (supports Kylin OS) ☆54 · Aug 13, 2025 · Updated 6 months ago
- An out-of-the-box reverse proxy server for hiding C2. Aims to spare you the tedious process of configuring an Nginx service. ☆13 · Feb 14, 2022 · Updated 4 years ago
- Learning cryptography by reinventing the wheel and calling OpenSSL!! ☆15 · Jan 28, 2023 · Updated 3 years ago
- A tool for dumping the lsass process that gets past antivirus products such as Kaspersky, 核晶, and Defender ☆12 · Sep 25, 2022 · Updated 3 years ago
- A simple parser (library) which extracts shimcache data from Windows. ☆15 · May 20, 2019 · Updated 6 years ago
- Hide executable memory ☆267 · Apr 27, 2025 · Updated 9 months ago
- The world's most powerful System Activity Monitor Engine · A powerful endpoint behavior collection and defense development kit ~ intended to help endpoint security software such as EDR, zero trust, data security, and audit and control products implement product features quickly, without having to care about the underlying… ☆372 · Feb 19, 2025 · Updated 11 months ago
- Sandbox testing: code and conclusions from evaluating common sandboxes in China ☆107 · Jul 3, 2021 · Updated 4 years ago
- Pseudo-hiding of virtual memory using physical memory mapping ☆86 · Sep 15, 2022 · Updated 3 years ago
- Popular driver source with guarded regions bypass ☆15 · Nov 12, 2022 · Updated 3 years ago
- A tool that assists security R&D staff in day-to-day work such as penetration testing, security research, and security development! ☆13 · Nov 20, 2023 · Updated 2 years ago
- ☆17 · Apr 18, 2023 · Updated 2 years ago
- HookDetection ☆45 · Sep 3, 2021 · Updated 4 years ago
- Shiro key check, golang Version ☆58 · Aug 27, 2022 · Updated 3 years ago
- Hades HIDS/HIPS for Windows ☆307 · Oct 10, 2025 · Updated 4 months ago
- Go-based vulnerability detection tool for Seeyon OA (致远OA) ☆39 · Oct 28, 2022 · Updated 3 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock ☆127 · Sep 9, 2022 · Updated 3 years ago
- Call NtCreateUserProcess directly as normal. ☆76 · May 17, 2022 · Updated 3 years ago
- Escalating from admin to TrustedInstaller ☆17 · Feb 3, 2023 · Updated 3 years ago