olafhartong / BamboozlEDRLinks
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
☆238Updated 2 weeks ago
Alternatives and similar repositories for BamboozlEDR
Users that are interested in BamboozlEDR are comparing it to the libraries listed below
Sorting:
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 9 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆154Updated 8 months ago
- ☆162Updated 8 months ago
- Detect WFP filters blocking EDR communications☆94Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆209Updated last year
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆88Updated last week
- ☆158Updated 9 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- BloodHound PowerShell client☆67Updated last week
- Two in one, patch lifetime powershell console, no more etw and amsi!☆96Updated 5 months ago
- ☆120Updated last year
- Find potential DLL Sideloads on your windows computer☆213Updated 8 months ago
- Tool for viewing NTDS.dit☆180Updated 6 months ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆160Updated last year
- Group Policy Objects manipulation and exploitation framework☆253Updated last week
- Adversary Emulation Framework☆123Updated 3 months ago
- Persist like a Dodder☆64Updated 4 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆117Updated last year
- ☆204Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆155Updated 2 months ago
- Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges☆150Updated last month
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 10 months ago
- ☆189Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆353Updated 3 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆267Updated 3 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆208Updated 11 months ago
- A Mythic Agent written in PIC C.☆200Updated 8 months ago
- Windows protocol library, including SMB and RPC implementations, among others.☆344Updated 2 weeks ago
- ☆212Updated 4 months ago