y-security / stealthguardian
StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and behaviour detection of executed actions against defined defence mechanisms.
☆17Updated 8 months ago
Alternatives and similar repositories for stealthguardian:
Users that are interested in stealthguardian are comparing it to the libraries listed below
- macOS dylib stager☆32Updated 3 months ago
- ☆48Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 9 months ago
- Python3 rewrite of AsOutsider features of AADInternals☆44Updated 4 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆36Updated last week
- ☆32Updated 8 months ago
- A VSCode devcontainer for development of COFF files with batteries included.☆48Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated 8 months ago
- Sniffing files generator☆54Updated 2 months ago
- Rust template/library for implementing your own COFF loader☆50Updated 2 months ago
- malleable profile generator GUI for Havoc☆55Updated last year
- Sample Rust Hooking Engine☆36Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated 11 months ago
- Click Once + App Domain☆61Updated last year
- BOF for C2 framework☆41Updated 5 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 2 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆13Updated 3 months ago
- Impersonate Tokens using only NTAPI functions☆64Updated 3 weeks ago
- A C# project that builds a Web Application which redirects all HTTPS☆24Updated 2 months ago
- SOCKS5 over WebSockets and HTTP☆17Updated last week
- ☆28Updated 10 months ago
- A process injection technique using only thread context manipulation☆28Updated last year
- Terms of Use Conditional Access M365 Evilginx Phishlet☆32Updated last week
- BOF to decrypt Signal Desktop chat logs☆65Updated 2 months ago
- Python module for running BOFs☆70Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆18Updated last year
- Enumerate Domain Users Without Authentication☆31Updated 3 months ago
- Bunch of BOF files☆30Updated 4 months ago
- Lateral Movement via the .NET Profiler☆81Updated 5 months ago
- ☆50Updated 5 months ago