Symantec EDR Internals
☆30 Oct 12, 2021 Updated 4 years ago
Alternatives and similar repositories for SEDR-Internals
Users that are interested in SEDR-Internals are comparing it to the libraries listed below
- All my POC related to malware development ☆15 Feb 19, 2026 Updated last week
- SamrSearch can get user info and group info with MS-SAMR. ☆15 Feb 15, 2022 Updated 4 years ago
- ☆18 Mar 28, 2023 Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆35 Mar 28, 2023 Updated 2 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers ☆18 Jul 12, 2021 Updated 4 years ago
- Python package for the RC4 algorithm ☆14 Apr 2, 2017 Updated 8 years ago
- Research into COM ☆19 Jan 25, 2020 Updated 6 years ago
- Collection of scripts used for building a complete, standalone Clang/LLVM-based toolchain. See: https://clang.llvm.org/docs/Toolchain.htm… ☆19 Jun 12, 2023 Updated 2 years ago
- ☆16 Mar 26, 2024 Updated last year
- Beacon Debugger ☆55 Oct 28, 2024 Updated last year
- Delphi-Kawaii is a plugin for Ida Pro. ☆22 Jul 19, 2023 Updated 2 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW" ☆50 Mar 2, 2022 Updated 4 years ago
- Windows driver template, using C++20 & cmake & GithubActions ☆25 Aug 9, 2024 Updated last year
- ☆48 May 12, 2021 Updated 4 years ago
- ULPatch is open source user space live patch tool. ☆13 Jan 11, 2026 Updated last month
- Command and Control that uses NTP as the transport protocol. ☆26 Jan 29, 2022 Updated 4 years ago
- Bug bounty domain manager with validation, exports & Redis storage ✨ ☆29 Jun 5, 2025 Updated 8 months ago
- CarbonBlack EDR detection rules and response actions ☆73 Sep 10, 2024 Updated last year
- ☆27 Jun 3, 2023 Updated 2 years ago
- POC for DLL Proxying / Hijacking ☆63 May 26, 2025 Updated 9 months ago
- QuasarRAT analysis tools and research report ☆29 Dec 22, 2023 Updated 2 years ago
- Small c++ basic packet sniffer for TCP, UDP, IGMP, and Others. Built for learning purposes. ☆27 Oct 12, 2016 Updated 9 years ago
- Ping Exfiltration Command and Control (PiX-C2) ☆32 May 15, 2015 Updated 10 years ago
- ☆31 Sep 23, 2022 Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class ☆27 Sep 15, 2023 Updated 2 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously ☆32 Feb 3, 2023 Updated 3 years ago
- Fork of LLVM for demonstrating optimization pass development ☆31 Mar 3, 2023 Updated 3 years ago
- Python bindings for the VTIL API. (WIP) ☆29 Aug 1, 2020 Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader. ☆31 Nov 9, 2021 Updated 4 years ago
- A simple Linux in-memory .so loader ☆33 Mar 29, 2023 Updated 2 years ago
- Simple and sane cryptographic wrapper library. ☆33 Apr 21, 2023 Updated 2 years ago
- An exe loader that can load NScript evaluation engine of Windows Defender/Microsoft Security Essential. You can fuzz NScript by using this.… ☆28 Oct 18, 2017 Updated 8 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API) ☆118 Jun 7, 2023 Updated 2 years ago
- ☆79 Aug 5, 2024 Updated last year
- idk man this was the default github name ☆35 Apr 23, 2023 Updated 2 years ago
- Command line & PPID spoofing ☆29 Apr 15, 2023 Updated 2 years ago
- Study and research with your docs, media, and AI in one place ☆33 Updated this week
- White-box analytic framework based on LLVM ☆39 Jun 10, 2019 Updated 6 years ago
- ☆33 Feb 26, 2022 Updated 4 years ago