EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
☆94Nov 5, 2021Updated 4 years ago
Alternatives and similar repositories for EDR_Detector
Users that are interested in EDR_Detector are comparing it to the libraries listed below
Sorting:
- UDP implant☆67Aug 19, 2021Updated 4 years ago
- Linux Enumeration / Privilege escalation tool☆26Sep 3, 2020Updated 5 years ago
- RedLizard Rust TCP Reverse Shell Server/Client☆138Dec 9, 2023Updated 2 years ago
- A rust library that allows you to delete your executable while it's running.☆91Mar 24, 2023Updated 2 years ago
- Windows shellcode development in Rust☆305Feb 6, 2021Updated 5 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82May 23, 2023Updated 2 years ago
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- Inject a shellcode in a remote process using Process Hollowing.☆54Sep 18, 2021Updated 4 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Aug 31, 2022Updated 3 years ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Mar 15, 2024Updated last year
- A rust library that allows you to host the CLR and execute dotnet binaries.☆236Mar 12, 2025Updated 11 months ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- Rust For Windows Cheatsheet☆121Nov 26, 2025Updated 3 months ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners☆376Jun 22, 2025Updated 8 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆233Mar 23, 2023Updated 2 years ago
- API Hammering with C++20☆50Jul 21, 2022Updated 3 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code☆21Feb 13, 2023Updated 3 years ago
- Dynamically invoke arbitrary unmanaged code☆359Feb 19, 2026Updated 2 weeks ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Aug 11, 2023Updated 2 years ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post.☆35Sep 26, 2023Updated 2 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆63Aug 25, 2022Updated 3 years ago
- Apply a divide and conquer approach to bypass EDRs☆286Oct 19, 2023Updated 2 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆360Mar 2, 2024Updated 2 years ago
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- A COFF loader made in Rust☆328Aug 20, 2025Updated 6 months ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- TartarusGate, Bypassing EDRs☆653Jan 25, 2022Updated 4 years ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆49Nov 2, 2025Updated 4 months ago
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- 64-bit, position-independent implant template for Windows in Rust.☆173Nov 28, 2025Updated 3 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago