olafhartong / BamboozlEDRLinks
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
☆218Updated last month
Alternatives and similar repositories for BamboozlEDR
Users that are interested in BamboozlEDR are comparing it to the libraries listed below
Sorting:
- ☆161Updated 7 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- Detect WFP filters blocking EDR communications☆92Updated last year
- Find potential DLL Sideloads on your windows computer☆213Updated 8 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆154Updated 7 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆98Updated 4 months ago
- ☆157Updated 9 months ago
- ☆121Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 8 months ago
- BloodHound PowerShell client☆66Updated last month
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆207Updated last year
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆86Updated last week
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- Persist like a Dodder☆64Updated 4 months ago
- Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges☆144Updated last month
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆196Updated 2 years ago
- C2 Infrastructure Automation☆109Updated 3 months ago
- ☆188Updated last year
- ☆203Updated last year
- Tool for viewing NTDS.dit☆178Updated 6 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆155Updated last month
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Updated 2 years ago
- Adversary Emulation Framework☆123Updated 2 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆95Updated 2 years ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆342Updated 2 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆207Updated 11 months ago
- ☆120Updated 4 years ago
- Tools for analyzing EDR agents☆249Updated last year
- A Mythic Agent written in PIC C.☆199Updated 7 months ago
- Blog/Journal on how to backdoor VSCode extensions☆73Updated 2 months ago