46 results found Sort:

290
2.6k
unknown
39
This map lists the essential techniques to bypass anti-virus and EDR
Created 2023-02-03
32 commits to main branch, last one 2 months ago
451
2.3k
unknown
48
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices...
Created 2020-12-18
1,627 commits to main branch, last one about a month ago
194
2.3k
other
71
Adversary tradecraft detection, protection, and hunting
Created 2016-03-25
1,061 commits to master branch, last one 2 days ago
170
1.2k
gpl-3.0
41
An Active Defense and EDR software to empower Blue Teams
Created 2019-05-28
871 commits to master branch, last one 3 years ago
145
1.2k
agpl-3.0
45
Open Source EDR for Windows
Created 2018-01-23
204 commits to master branch, last one 2 years ago
AV/EDR Evasion Lab for Training & Learning Purposes
Created 2023-11-12
114 commits to main branch, last one 10 days ago
109
1.1k
unknown
28
Awesome EDR Bypass Resources For Ethical Hacking
Created 2023-04-19
22 commits to main branch, last one a day ago
Enumerate and disable common sources of telemetry used by AV/EDR.
Created 2020-07-30
43 commits to master branch, last one 3 years ago
Evasive shellcode loader for bypassing event-based injection detection (PoC)
Created 2021-04-28
17 commits to master branch, last one 3 years ago
159
731
agpl-3.0
14
iMonitor(冰镜 - 终端行为分析系统)
Created 2021-11-24
85 commits to main branch, last one 2 months ago
78
682
apache-2.0
13
a tool to help operate in EDRs' blind spots
Created 2022-08-13
54 commits to main branch, last one 10 months ago
76
494
apache-2.0
14
戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
Created 2022-08-22
66 commits to main branch, last one about a year ago
Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)
Created 2021-06-24
74 commits to main branch, last one 2 years ago
81
452
unknown
23
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Created 2022-12-12
808 commits to main branch, last one 2 months ago
27
395
eupl-1.2
16
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Created 2021-10-08
298 commits to main branch, last one 6 months ago
The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能, 而不用关心底层驱动的开发、维护和兼容性问题,让其可以专注于业务开发
Created 2021-09-25
2 commits to master branch, last one 3 months ago
Unlock the full brightness of the XDR display of your MacBook Pro
Created 2023-07-12
272 commits to main branch, last one 8 days ago
CSS trick/bug to display a brighter white by exploiting browsers' HDR capability and Apple's EDR system
Created 2020-12-30
29 commits to gh-pages branch, last one 8 months ago
50
315
gpl-3.0
9
Security product hook detection
Created 2021-03-30
20 commits to main branch, last one 3 years ago
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Created 2018-07-13
69 commits to master branch, last one 3 years ago
Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs
Created 2022-09-27
13 commits to main branch, last one 2 years ago
41
260
unknown
8
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Created 2021-04-03
27 commits to master branch, last one 3 years ago
27
218
unknown
11
Sysmon EDR POC Build within Powershell to prove ability.
Created 2021-03-06
21 commits to main branch, last one 3 years ago
24
189
bsd-3-clause
6
MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
Created 2023-12-25
40 commits to main branch, last one 11 months ago
33
169
unknown
9
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
Created 2024-01-14
35 commits to main branch, last one 10 months ago
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFuc...
Created 2023-01-30
20 commits to main branch, last one about a year ago
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Created 2023-11-19
137 commits to main branch, last one 8 months ago
19
147
unknown
3
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
Created 2022-03-27
45 commits to main branch, last one about a year ago
Windows user-land hooks manipulation tool.
Created 2021-03-27
15 commits to main branch, last one 3 years ago