loosehose / SilentButDeadly
SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version focuses solely on network isolation without process termination.
☆414 Updated 2 months ago
Alternatives and similar repositories for SilentButDeadly
Users that are interested in SilentButDeadly are comparing it to the libraries listed below
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments. ☆428 Updated last week
- Evade EDR's the simple way, by not touching any of the API's they hook. ☆169 Updated 11 months ago
- PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads ☆236 Updated 2 months ago
- RunPE implementation with multiple evasive techniques (2) ☆262 Updated 3 months ago
- Tool to enumerate privileged Scheduled Tasks on Remote Systems ☆260 Updated this week
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat… ☆259 Updated 8 months ago
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection ☆252 Updated 7 months ago
- ☆332 Updated 4 months ago
- The different ways to dump lsass ☆203 Updated 4 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool ☆269 Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC ☆400 Updated 3 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal… ☆251 Updated 7 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking ☆422 Updated 6 months ago
- Find potential DLL Sideloads on your windows computer ☆216 Updated last year
- Group Policy Objects manipulation and exploitation framework ☆283 Updated last month
- A powerful, modular, lightweight and efficient command & control framework written in Nim. ☆214 Updated 2 months ago
- Enumerate active EDR's on the system ☆147 Updated 3 months ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir… ☆154 Updated last year
- Obex – Blocking unwanted DLLs in user mode ☆280 Updated 3 months ago
- Extracts browser-stored data such as refresh tokens, cookies, saved credentials, credit cards, autofill entries, browsing history, and bo… ☆216 Updated this week
- ☆164 Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC. ☆164 Updated 5 months ago
- Windows Session Hijacking via COM ☆324 Updated 3 weeks ago
- Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence ☆413 Updated 2 months ago
- Ghosting-AMSI ☆220 Updated 8 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce. ☆263 Updated 8 months ago
- Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges ☆175 Updated 4 months ago
- Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall ☆96 Updated 3 weeks ago
- An interactive shell to spoof some LOLBins command line ☆187 Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures. ☆247 Updated 2 months ago