reveng007 / Learning-EDR-and-EDR_Evasion
I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning path for me.
☆267Updated last year
Alternatives and similar repositories for Learning-EDR-and-EDR_Evasion:
Users that are interested in Learning-EDR-and-EDR_Evasion are comparing it to the libraries listed below
- AV/EDR Lab environment setup references to help in Malware development☆363Updated 2 months ago
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆356Updated 2 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆274Updated 8 months ago
- Simulate the behavior of AV/EDR for malware development training.☆460Updated last year
- Kill AV/EDR leveraging BYOVD attack☆336Updated last year
- ☆338Updated last year
- Amsi Bypass payload that works on Windwos 11☆375Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101"☆365Updated 4 months ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆159Updated last year
- Open Source C&C Specification☆232Updated this week
- Analyse your malware to surgically obfuscate it☆450Updated 3 weeks ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆331Updated last month
- ☆270Updated last year
- Find potential DLL Sideloads on your windows computer☆174Updated last month
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆268Updated 3 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆250Updated 8 months ago
- ☆343Updated 2 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆421Updated last week
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆383Updated 7 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆307Updated last year
- ☆296Updated 3 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆355Updated 3 months ago
- Collection of OPSEC Tradecraft and TTPs for Red Team Operations☆283Updated 2 weeks ago
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆141Updated 8 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆509Updated 8 months ago
- ☆297Updated 3 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆379Updated 6 months ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆565Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆516Updated last month
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆386Updated 8 months ago