loosehose / SilentButDeadly
SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version focuses solely on network isolation without process termination.
☆431 Updated 2 months ago
Alternatives and similar repositories for SilentButDeadly
Users who are interested in SilentButDeadly are comparing it to the libraries listed below.
- Evade EDRs the simple way, by not touching any of the APIs they hook. ☆167 Updated last year
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments. ☆444 Updated 3 weeks ago
- RunPE implementation with multiple evasive techniques (2) ☆265 Updated 4 months ago
- Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall ☆125 Updated last month
- Tool to enumerate privileged Scheduled Tasks on Remote Systems ☆275 Updated 2 weeks ago
- Python implementation of GhostPack's Seatbelt situational awareness tool ☆270 Updated last year
- Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bo… ☆466 Updated this week
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection ☆255 Updated this week
- PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads ☆237 Updated 3 months ago
- Find potential DLL Sideloads on your Windows computer ☆218 Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ☆165 Updated 6 months ago
- The different ways to dump lsass ☆206 Updated 5 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal… ☆254 Updated 7 months ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim. ☆216 Updated 2 months ago
- Group Policy Objects manipulation and exploitation framework ☆286 Updated last month
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat… ☆260 Updated 9 months ago
- Windows protocol library, including SMB and RPC implementations, among others. ☆607 Updated last week
- Founding is a generator that will create a loader encrypted or obfuscated with different execution types ☆111 Updated 5 months ago
- Python3 utility for creating zip files that smuggle additional data for later extraction ☆264 Updated 8 months ago
- ☆152 Updated 3 months ago
- Enumerate active EDRs on the system ☆150 Updated 4 months ago
- Lateral Movement via BitLocker DCOM interfaces & COM Hijacking ☆432 Updated 7 months ago
- A Python tool to map the access rights of network shares into a BloodHound OpenGraphs easily ☆252 Updated last month
- ☆163 Updated 2 months ago
- Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence ☆417 Updated 2 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce. ☆264 Updated 9 months ago
- Windows Session Hijacking via COM ☆331 Updated last month
- Obex – Blocking unwanted DLLs in user mode ☆279 Updated 4 months ago
- Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls. ☆360 Updated 5 months ago
- ☆332 Updated 5 months ago