47 results found
- Filter by Primary Language:
- C++ (8)
- Python (7)
- C (5)
- Go (4)
- PowerShell (3)
- Swift (3)
- Rust (2)
- Batchfile (2)
- C# (2)
- TypeScript (1)
- HTML (1)
- Java (1)
- +
This map lists the essential techniques to bypass anti-virus and EDR
Created
2023-02-03
29 commits to main branch, last one 11 months ago
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices...
Created
2020-12-18
1,615 commits to main branch, last one a day ago
Adversary tradecraft detection, protection, and hunting
Created
2016-03-25
999 commits to master branch, last one 18 days ago
An Active Defense and EDR software to empower Blue Teams
Created
2019-05-28
871 commits to master branch, last one 3 years ago
Open Source EDR for Windows
Created
2018-01-23
204 commits to master branch, last one 2 years ago
Little user-mode AV/EDR evasion lab for training & learning purposes
Created
2023-11-12
88 commits to main branch, last one 6 months ago
Awesome EDR Bypass Resources For Ethical Hacking
Created
2023-04-19
19 commits to main branch, last one 10 days ago
Enumerate and disable common sources of telemetry used by AV/EDR.
Created
2020-07-30
43 commits to master branch, last one 3 years ago
Evasive shellcode loader for bypassing event-based injection detection (PoC)
Created
2021-04-28
17 commits to master branch, last one 3 years ago
iMonitor (冰镜, Endpoint Behavior Analysis System)
Created
2021-11-24
85 commits to main branch, last one 24 hours ago
a tool to help operate in EDRs' blind spots
Created
2022-08-13
54 commits to main branch, last one 7 months ago
戎码之眼 is a Windows threat monitoring tool based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for the defending side.
Created
2022-08-22
66 commits to main branch, last one about a year ago
Cobalt Strike script for ScareCrow payloads integration (EDR/AV evasion)
Created
2021-06-24
74 commits to main branch, last one 2 years ago
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Created
2022-12-12
807 commits to main branch, last one 3 months ago
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Created
2021-10-08
298 commits to main branch, last one 4 months ago
The world's most powerful System Activity Monitor Engine · A powerful endpoint behavior collection and defense development kit, intended to help endpoint security software such as EDR, zero trust, data security and audit control products implement their features quickly without having to worry about developing, maintaining and keeping compatible the underlying driver, so that they can focus on business development
Created
2021-09-25
2 commits to master branch, last one 23 days ago
Security product hook detection
Created
2021-03-30
20 commits to main branch, last one 3 years ago
Unlock the full brightness of the XDR display of your MacBook Pro
Created
2023-07-12
266 commits to main branch, last one 6 days ago
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Created
2018-07-13
69 commits to master branch, last one 3 years ago
Replace the .text section of the currently loaded modules from \KnownDlls\ to bypass EDRs
Created
2022-09-27
13 commits to main branch, last one 2 years ago
CSS trick/bug to display a brighter white by exploiting browsers' HDR capability and Apple's EDR system
Created
2020-12-30
29 commits to gh-pages branch, last one 5 months ago
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Created
2021-04-03
27 commits to master branch, last one 3 years ago
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
Created
2023-09-19
1,406 commits to main branch, last one a day ago
Sysmon EDR PoC built within PowerShell to prove ability.
Created
2021-03-06
21 commits to main branch, last one 3 years ago
MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.
Created
2023-12-25
40 commits to main branch, last one 8 months ago
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...
Created
2023-01-30
20 commits to main branch, last one about a year ago
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
Created
2024-01-14
35 commits to main branch, last one 8 months ago
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Created
2023-11-19
137 commits to main branch, last one 6 months ago
Carbon Black API - Python language bindings
Created
2016-02-23
996 commits to master branch, last one 3 months ago
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
Created
2022-03-27
45 commits to main branch, last one about a year ago