Alternatives and similar repositories for Krueger:

Users that are interested in Krueger are comparing it to the libraries listed below

• rad9800 / BootExecuteEDR
  ☆325Updated last month
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆351Updated 5 months ago
• RedefiningReality / Cobalt-Strike
  Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
  ☆259Updated 7 months ago
• CrowdStrike / sccmhound
  A BloodHound collector for Microsoft Configuration Manager
  ☆261Updated last week
• Helixo32 / NimBlackout
  Kill AV/EDR leveraging BYOVD attack
  ☆326Updated last year
• decoder-it / KrbRelayEx
  ☆279Updated last month
• rasta-mouse / OST-C2-Spec
  Open Source C&C Specification
  ☆221Updated 2 months ago
• An0nUD4Y / AV-EDR-Lab-Environment-Setup
  AV/EDR Lab environment setup references to help in Malware development
  ☆355Updated last month
• netero1010 / GhostTask
  A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
  ☆502Updated last week
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆140Updated 7 months ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆191Updated 6 months ago
• ricardojoserf / TrickDump
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆389Updated 3 weeks ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆249Updated 3 months ago
• ph4nt0mbyt3 / Darkside
  C# AV/EDR Killer using less-known driver (BYOVD)
  ☆158Updated last year
• BlackSnufkin / LitterBox
  sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment
  ☆296Updated this week
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆179Updated last year
• Maldev-Academy / ExecutePeFromPngViaLNK
  Extract and execute a PE embedded within a PNG file using an LNK file.
  ☆301Updated 2 months ago
• ricardojoserf / NativeDump
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆548Updated 3 weeks ago
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆307Updated 2 months ago
• RedSiege / GraphStrike
  Cobalt Strike HTTPS beaconing over Microsoft Graph API
  ☆559Updated 6 months ago
• logangoins / Cable
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆257Updated 2 months ago
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆240Updated 9 months ago
• Tylous / Freeze.rs
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆172Updated 3 months ago
• vxCrypt0r / Voidmaw
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆281Updated 3 months ago
• Friends-Security / SharpExclusionFinder
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆183Updated 3 months ago
• MzHmO / NtlmThief
  Extracting NetNTLM without touching lsass.exe
  ☆232Updated last year
• ricardojoserf / WhoamiAlternatives
  Different methods to get current username without using whoami
  ☆173Updated 10 months ago
• CICADA8-Research / RemoteKrbRelay
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆537Updated 6 months ago
• Mr-Un1k0d3r / .NetConfigLoader
  .net config loader
  ☆311Updated last year