45 results found
This map lists the essential techniques to bypass anti-virus and EDR
Created
2023-02-03
29 commits to main branch, last one 6 months ago
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices...
Created
2020-12-18
1,426 commits to main branch, last one 19 days ago
A modern tool for Windows kernel exploration and tracing with a focus on security
Created
2016-03-25
917 commits to master branch, last one 8 days ago
An Active Defense and EDR software to empower Blue Teams
Created
2019-05-28
871 commits to master branch, last one 3 years ago
Open Source EDR for Windows
Created
2018-01-23
204 commits to master branch, last one about a year ago
Little user-mode AV/EDR evasion lab for training & learning purposes
Created
2023-11-12
88 commits to main branch, last one about a month ago
Awesome EDR Bypass Resources For Ethical Hacking
Created
2023-04-19
8 commits to main branch, last one 7 days ago
Enumerate and disable common sources of telemetry used by AV/EDR.
Created
2020-07-30
43 commits to master branch, last one 3 years ago
Evasive shellcode loader for bypassing event-based injection detection (PoC)
Created
2021-04-28
17 commits to master branch, last one 2 years ago
iMonitor (冰镜, an endpoint behavior analysis system)
Created
2021-11-24
83 commits to main branch, last one 16 days ago
a tool to help operate in EDRs' blind spots
Created
2022-08-13
54 commits to main branch, last one 2 months ago
Cobalt Strike script for ScareCrow payload integration (EDR/AV evasion)
Created
2021-06-24
74 commits to main branch, last one about a year ago
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Created
2022-12-12
802 commits to main branch, last one 11 days ago
戎码之眼 is a Windows threat monitoring tool built on the ATT&CK model. It effectively detects common known and unknown threats; a sharp sword for defenders.
Created
2022-08-22
66 commits to main branch, last one 8 months ago
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Created
2021-10-08
297 commits to main branch, last one about a year ago
System monitoring development kit (sysmon, procmon, EDR, endpoint security, host security, zero trust, internet access behavior management, sandbox)
Created
2021-09-25
97 commits to master branch, last one 9 hours ago
Security product hook detection
Created
2021-03-30
20 commits to main branch, last one 3 years ago
Replace the .text section of the currently loaded modules with the copy from \KnownDlls\ to bypass EDRs
Created
2022-09-27
13 commits to main branch, last one about a year ago
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script that executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Created
2018-07-13
69 commits to master branch, last one 2 years ago
CSS trick/bug to display a brighter white by exploiting browsers' HDR capability and Apple's EDR system
Created
2020-12-30
29 commits to gh-pages branch, last one 28 days ago
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Created
2021-04-03
27 commits to master branch, last one 3 years ago
Unlock the full brightness of the XDR display of your MacBook Pro
Created
2023-07-12
218 commits to main branch, last one about a month ago
Sysmon-based EDR PoC built in PowerShell as a proof of capability.
Created
2021-03-06
21 commits to main branch, last one 3 years ago
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
Created
2023-09-19
1,284 commits to main branch, last one 23 hours ago
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...
Created
2023-01-30
20 commits to main branch, last one about a year ago
Carbon Black API - Python language bindings
Created
2016-02-23
991 commits to master branch, last one 26 days ago
Automating EDR testing with reference to MITRE ATT&CK via Cobalt Strike [Purple Team].
Created
2022-03-27
45 commits to main branch, last one about a year ago
MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.
Created
2023-12-25
40 commits to main branch, last one 3 months ago
DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals.
Created
2023-11-19
137 commits to main branch, last one about a month ago
Windows user-land hooks manipulation tool.
Created
2021-03-27
15 commits to main branch, last one 3 years ago
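Several entries in this list (the "Security product hook detection" project, the \KnownDlls\ .text replacement, the dropper that unhooks NTDLL, and the user-land hooks manipulation tool) rest on the same comparison: the .text bytes of ntdll as loaded in the current process are checked, syscall stub by syscall stub, against a clean copy, and any stub that differs is treated as hooked (detection) or overwritten with the clean bytes (unhooking). The block below is an added example written for this page, not code from any of the listed repositories. It assumes the caller has already obtained both byte buffers (in practice by mapping the \KnownDlls\ntdll.dll section object or reading ntdll.dll from disk, and resolving export RVAs into offsets); the stub names, offsets, syscall numbers and patched bytes are all constructed so that the check runs on any platform.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Layout of one unhooked x64 Nt* syscall stub in ntdll on Windows 10+:
 *   4C 8B D1          mov r10, rcx
 *   B8 nn nn 00 00    mov eax, <syscall number>
 *   0F 05             syscall
 *   C3                ret
 * A user-mode EDR inline hook overwrites part of this with E9 rel32 (jmp to a
 * trampoline). Comparing the loaded stub against a clean copy finds the patch. */

#define STUB_SIZE 16

typedef struct {
    const char *name;
    size_t offset;          /* offset of the stub inside the .text section */
} stub_t;

typedef struct {
    const char *name;
    size_t offset;          /* stub offset inside .text */
    size_t patch_offset;    /* first differing byte, relative to stub start */
    int is_jmp;             /* 1 if the patch begins with E9 rel32 */
    int64_t jmp_target;     /* .text offset the jmp lands on (only if is_jmp) */
} finding_t;

/* Syscall number of a clean stub: the imm32 operand of "mov eax, imm32". */
uint32_t stub_ssn(const uint8_t *stub)
{
    uint32_t ssn;
    memcpy(&ssn, stub + 4, sizeof ssn);   /* x64 stubs are little-endian */
    return ssn;
}

/* Compare each named stub in `loaded` against `clean`; record every stub whose
 * bytes differ. Returns the number of findings written (at most `max`). */
size_t find_hooked_stubs(const uint8_t *loaded, const uint8_t *clean,
                         const stub_t *stubs, size_t nstubs,
                         finding_t *out, size_t max)
{
    size_t n = 0;
    for (size_t i = 0; i < nstubs && n < max; i++) {
        const uint8_t *l = loaded + stubs[i].offset;
        const uint8_t *c = clean + stubs[i].offset;
        size_t k = 0;
        while (k < STUB_SIZE && l[k] == c[k]) k++;
        if (k == STUB_SIZE) continue;              /* byte-identical: not hooked */

        out[n].name = stubs[i].name;
        out[n].offset = stubs[i].offset;
        out[n].patch_offset = k;
        out[n].is_jmp = (l[k] == 0xE9 && k + 5 <= STUB_SIZE);
        out[n].jmp_target = -1;
        if (out[n].is_jmp) {
            int32_t rel;
            memcpy(&rel, l + k + 1, sizeof rel);
            /* rel32 is relative to the end of the 5-byte jmp instruction */
            out[n].jmp_target = (int64_t)stubs[i].offset + (int64_t)k + 5 + rel;
        }
        n++;
    }
    return n;
}

/* Constructed test data (not real ntdll bytes): three 16-byte stubs. The
 * syscall numbers are made up, and the "loaded" image patches two stubs the
 * way an inline hook would. */
static const stub_t stubs[3] = {
    { "NtAllocateVirtualMemory", 0 },
    { "NtProtectVirtualMemory", 16 },
    { "NtWriteVirtualMemory",   32 },
};

static const uint8_t clean_text[3 * STUB_SIZE] = {
    0x4C,0x8B,0xD1, 0xB8,0x18,0x00,0x00,0x00, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
    0x4C,0x8B,0xD1, 0xB8,0x50,0x00,0x00,0x00, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
    0x4C,0x8B,0xD1, 0xB8,0x3A,0x00,0x00,0x00, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
};

static const uint8_t loaded_text[3 * STUB_SIZE] = {
    /* stub 0: first 5 bytes replaced by "jmp +0x1000" */
    0xE9,0x00,0x10,0x00,0x00, 0x00,0x00,0x00, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
    /* stub 1: untouched */
    0x4C,0x8B,0xD1, 0xB8,0x50,0x00,0x00,0x00, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
    /* stub 2: "mov r10, rcx" kept, "jmp -16" placed over "mov eax, imm32" */
    0x4C,0x8B,0xD1, 0xE9,0xF0,0xFF,0xFF,0xFF, 0x0F,0x05, 0xC3, 0xCC,0xCC,0xCC,0xCC,0xCC,
};

int main(void)
{
    finding_t f[3];
    size_t n = find_hooked_stubs(loaded_text, clean_text, stubs, 3, f, 3);
    for (size_t i = 0; i < n; i++) {
        printf("%-24s patched at +%zu", f[i].name, f[i].patch_offset);
        if (f[i].is_jmp)
            printf(", jmp -> .text+0x%llx", (unsigned long long)f[i].jmp_target);
        printf(" (clean SSN 0x%x)\n", stub_ssn(clean_text + f[i].offset));
    }
    return 0;
}
```

On a live process the loaded buffer is the .text section of the in-memory ntdll (image base plus the section header's VirtualAddress) and the clean buffer comes from a fresh mapping of the file or of the \KnownDlls\ section; the stub offsets come from the export table. Unhooking is the same loop with the comparison replaced by a write of the clean bytes back over the patched stub after the page is made writable, which is exactly why the defensive tools in this list also watch for such writes to ntdll's code pages.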