j3h4ck / MiniEDR
MiniEDR is a kernel-mode process monitor that logs creations & terminations via a named pipe. Built for research & learning, exploring Windows internals & EDR mechanisms!
☆17 · Updated 8 months ago
Alternatives and similar repositories for MiniEDR
Users that are interested in MiniEDR are comparing it to the libraries listed below
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir… ☆154 · Updated last year
- RunPE implementation with multiple evasive techniques ☆234 · Updated last month
- (no description) ☆161 · Updated 8 months ago
- (no description) ☆329 · Updated 2 months ago
- Evade EDRs the simple way, by not touching any of the APIs they hook. ☆162 · Updated 9 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… ☆133 · Updated 5 months ago
- C# AV/EDR Killer using less-known driver (BYOVD) ☆180 · Updated last year
- ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing,… ☆212 · Updated 6 months ago
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection ☆246 · Updated 5 months ago
- (no description) ☆36 · Updated 3 months ago
- Find potential DLL sideloads on your Windows computer ☆215 · Updated 9 months ago
- A script to generate an AV-evading (static) DLL shellcode loader with AES encryption. ☆137 · Updated 7 months ago
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat… ☆250 · Updated 6 months ago
- Ghosting-AMSI ☆219 · Updated 6 months ago
- The dragon in the dark. A red team post-exploitation framework for testing security controls during red team assessments. ☆291 · Updated 2 weeks ago
- (no description) ☆145 · Updated last month
- The different ways to dump lsass ☆195 · Updated 2 months ago
- A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Paylo… ☆206 · Updated last week
- PowerShell Obfuscator ☆214 · Updated 2 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ☆156 · Updated 3 months ago
- Dissecting and Defeating Ransomware's Evasion Tactics (DEF CON 32) ☆17 · Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool ☆265 · Updated 11 months ago
- APT emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files ☆94 · Updated 7 months ago
- Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypass AV/EDR. ☆78 · Updated 4 months ago
- Generate an alphabetical polymorphic shellcode ☆130 · Updated 2 months ago
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts ☆164 · Updated 4 months ago
- A PoC for the Early Cascade process injection technique. ☆198 · Updated 9 months ago
- An Ansible role that installs the Adaptix C2 server and/or client on Debian-based hosts ☆169 · Updated 5 months ago
- This repo is for the YouTube video where we have explained how to make a detectable reverse shell undetectable by Windows Defender ☆28 · Updated last year
- Embed a payload inside a PNG file ☆356 · Updated last year