rad9800 / FileRenameJunctionsEDRDisable
☆149Updated 3 months ago
Alternatives and similar repositories for FileRenameJunctionsEDRDisable:
Users that are interested in FileRenameJunctionsEDRDisable are comparing it to the libraries listed below
- ☆144Updated 7 months ago
- ☆96Updated 2 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆84Updated 8 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆147Updated last week
- Shellcode loader☆77Updated 3 months ago
- ☆125Updated 6 months ago
- Adversary Emulation Framework☆92Updated 8 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆183Updated 3 months ago
- Stage 0☆154Updated 3 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆232Updated 3 months ago
- A Mythic Agent written in PIC C.☆183Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 8 months ago
- AzureAD beacon object files☆117Updated 3 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- Do some DLL SideLoading magic☆79Updated last year
- ☆149Updated last year
- ☆133Updated last year
- Bypass LSA protection using the BYODLL technique☆155Updated 6 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 7 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆96Updated last year
- "Service-less" driver loading☆148Updated 3 months ago