Awesome Open Source
Search results for edr
62 search results found
Fibratus
⭐
2,035
A modern tool for Windows kernel exploration and tracing with a focus on security
Elkeid
⭐
2,020
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
Bypassav
⭐
1,898
This map lists the essential techniques to bypass anti-virus and EDR
Whids
⭐
921
Open Source EDR for Windows
Bluespawn
⭐
912
An Active Defense and EDR software to empower Blue Teams
Bestedrofthemarket
⭐
684
Little AV/EDR bypassing lab for training & learning purposes
Imonitor
⭐
629
iMonitor (冰镜 / "Ice Mirror": an endpoint behavior analysis system)
Pyramid
⭐
515
a tool to help operate in EDRs' blind spots
Awesome Edr Bypass
⭐
464
Awesome EDR Bypass Resources For Ethical Hacking
Driploader
⭐
419
Evasive shellcode loader for bypassing event-based injection detection (PoC)
Terraldr
⭐
409
A Payload Loader Designed With Advanced Evasion Features
Telemetrysourcerer
⭐
397
Enumerate and disable common sources of telemetry used by AV/EDR.
Scarecrow Cobaltstrike
⭐
380
Cobalt Strike script for ScareCrow payloads integration (EDR/AV evasion)
Rmeye
⭐
350
RmEye (戎码之眼) is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common unknown and known threats.
Kql
⭐
326
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Imonitorsdk
⭐
302
System monitoring development kit (sysmon, promon, EDR, endpoint security, host security, zero trust, internet access behavior management)
Owlyshield
⭐
301
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Knowndllunhook
⭐
282
Replace the .text section of the currently loaded modules from \KnownDlls\ to bypass EDRs
Hellhall
⭐
243
Performing Indirect Clean Syscalls
Edr Testing Script
⭐
154
Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfusca payloads
Cbapi Python
⭐
144
Carbon Black API - Python language bindings
Edr Test
⭐
124
Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
Brightintosh
⭐
118
Unlock the full brightness of the XDR display of your MacBook Pro
Tietwagent
⭐
105
PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Forensicminer
⭐
98
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Roota
⭐
86
RootA is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with standardized metadata and threat intelligence to enable automated translation into other languages
Redcanary Response Utils
⭐
82
Tools to automate and/or expedite response.
Whitebeam
⭐
81
WhiteBeam: Transparent endpoint security
Uncoder_io
⭐
81
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Reflectiventdll
⭐
74
A Dropper POC focusing on EDR evasion: NTDLL unhooking followed by loading ntdll in memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via the SystemFunction033 NtApi and no new thread via Fiber
Minesweeper
⭐
67
Windows user-land hooks manipulation tool.
Mdetester
⭐
55
MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.
Brightxdr
⭐
51
Free and Open Source alternative to Vivid macOS application to extend Apple XDR display brightness from 500 up to 1600 nits.
Condor
⭐
49
「🛡️」AVs/EDRs Evasion tool
Awesome Endpoint Detection And Response
⭐
39
Collection of tools you need to have in your Endpoint Detection and Response arsenal
Utmstack
⭐
34
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
Ttp Bench
⭐
31
Adversary emulation for EDR/SIEM testing (macOS/Linux)
Edr
⭐
22
EDR timetable & driver view for Simrail
Peb Ppidspoofing_csharp
⭐
19
Command line & PPID spoofing
Rts Queries
⭐
19
Practical Orientation Of MVISION EDR Query Language
Edrevals
⭐
16
Compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard Spider + Sandworm)
Edr_swift
⭐
16
I want to use EDR features easily.
Rhythm Cb Scripts
⭐
14
Collection of scripts for use with Carbon Black Cb Response API
Cb Lastline Connector
⭐
13
Carbon Black - LastLine Binary Detonation Connector
Unhookingdll
⭐
13
This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
Misp2cbr
⭐
13
Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
Atomic Harness
⭐
13
A tool to run and validate telemetry for Atomic Red Team tests
Cb Threatexchange Connector
⭐
10
Carbon Black - Facebook Threat Exchange Connector
Apc_shellcodeexecution_csharp
⭐
9
Shellcode load or execute via the "APC technique"
Edr_query_parser
⭐
9
The OGC Environmental Data Retrieval API query parser makes it easy to parse and use the API query.
Mitre_edr_eval
⭐
9
Parsing MITRE EDR Evaluation results
Zcurve
⭐
8
zcurve R package for assessing the reliability and trustworthiness of published literature with the z-curve method
Hookdump
⭐
8
Security product hook detection
Get Riskyprocesses
⭐
7
Checks running processes for a list of potentially "risky" ones that should not be spawned by certain parent processes. If found, the results could indicate abnormal behavior.
Crowdstrike Ecs Fargate Pipepline Demo
⭐
6
Sample pipeline demo highlighting how to integrate Falcon Container Sensor into ECS Fargate Workloads
Remoteshellcodeinjection
⭐
5
This will help you inject shellcode hosted as text remotely into a process
N3tstatids
⭐
5
Lightweight Endpoint Detection & Response (EDR) Framework
Cb Infoblox Connector
⭐
5
CB Connector for Infoblox Secure DNS
Fulldllunhooking_csharp
⭐
5
Unhook a DLL by cleaning the DLL's .text section
Hookdetection_csharp
⭐
5
HookDetection
Edrisobaric
⭐
5
OGC EDR API for isobaric data from https://api.met.no/weatherapi/isobaricgrib/1.0/doc
Earlybirdinjection_csharp
⭐
5
Inject shellcode into process via "EarlyBird"
1-62 of 62 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.