Alternatives and similar repositories for BamboozlEDR

Users that are interested in BamboozlEDR are comparing it to the libraries listed below

• CCob / Shwmae
  ☆157Updated 6 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆95Updated 3 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆155Updated 7 months ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆93Updated last year
• sensepost / mydumbedr
  ☆119Updated last year
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆89Updated 11 months ago
• Helixo32 / SimpleEDR
  Simple EDR that injects a DLL into a process to place a hook on specific Windows API
  ☆95Updated last year
• dsnezhkov / shutter
  ☆119Updated 4 years ago
• c0nf1den71al / Lodestar-Forge
  Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.
  ☆84Updated this week
• decoder-it / ChgPass
  ☆133Updated 6 months ago
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆157Updated last year
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆206Updated 7 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆115Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆140Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆140Updated last year
• xforcered / ForsHops
  ForsHops
  ☆145Updated 4 months ago
• praetorian-inc / ChromeAlone
  A tool to transform Chromium browsers into a C2 Implant
  ☆130Updated this week
• Kudaes / Bin-Finder
  Detect EDR's exceptions by inspecting processes' loaded modules
  ☆130Updated last year
• trustedsec / DitExplorer
  Tool for viewing NTDS.dit
  ☆174Updated 4 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆190Updated 8 months ago
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145Updated last year
• SadProcessor / BloodHoundOperator
  BloodHound PowerShell client
  ☆58Updated last week
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆119Updated last year
• whokilleddb / sinister-vsix
  Blog/Journal on how to backdoor VSCode extensions
  ☆68Updated 3 weeks ago
• logangoins / Stifle
  .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS
  ☆149Updated 6 months ago
• t94j0 / adexplorersnapshot-rs
  ☆83Updated last year
• kozmer / aad-bofs
  AzureAD beacon object files
  ☆121Updated 7 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆121Updated last month
• morRubin / NegoExRelay
  ☆89Updated 3 years ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆204Updated last year