olafhartong / BamboozlEDRLinks
A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.
☆205Updated 3 weeks ago
Alternatives and similar repositories for BamboozlEDR
Users that are interested in BamboozlEDR are comparing it to the libraries listed below
Sorting:
- ☆158Updated 7 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 8 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆91Updated last year
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆86Updated last week
- ☆157Updated 8 months ago
- Detect WFP filters blocking EDR communications☆93Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆97Updated 4 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆153Updated 7 months ago
- Persist like a Dodder☆64Updated 3 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆205Updated last year
- Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges☆112Updated 2 weeks ago
- Tool for viewing NTDS.dit☆175Updated 5 months ago
- ☆195Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆154Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- ☆120Updated last year
- A Mythic Agent written in PIC C.☆199Updated 6 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆116Updated last year
- Group Policy Objects manipulation and exploitation framework☆215Updated last week
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆206Updated 10 months ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆158Updated last year
- Find potential DLL Sideloads on your windows computer☆213Updated 7 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆194Updated 2 years ago
- Adversary Emulation Framework☆122Updated 2 months ago
- C2 Infrastructure Automation☆109Updated 2 months ago
- ☆120Updated 4 years ago
- ForsHops☆146Updated 5 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆168Updated 4 months ago
- ☆255Updated last week
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 9 months ago