edr topic

List edr repositories

fibratus

2.1k
Stars
183
Forks
Watchers

A modern tool for Windows kernel exploration and tracing with a focus on security

verified publisher icon rabbitstack

FullDLLUnhooking_CSharp

50
Stars
10
Forks
Watchers

Unhook DLL via cleaning the DLL 's .text section

verified publisher icon Kara-4search

MISP2CbR

19
Stars
4
Forks
Watchers

Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.

verified publisher icon eCrimeLabs

Microsoft-Defender-for-Endpoint-Queries

28
Stars
7
Forks
Watchers

Microsoft Defender for Endpoint Hunting Queries

verified publisher icon eshlomo1

Pyramid

623
Stars
72
Forks
Watchers

a tool to help operate in EDRs' blind spots

verified publisher icon naksyn

KnownDllUnhook

280
Stars
37
Forks
Watchers

Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs

verified publisher icon NUL0x4C

ttp-bench

34
Stars
2
Forks
Watchers

Adversary emulation for EDR/SIEM testing (macOS/Linux)

verified publisher icon tstromberg

npm-initial-access

23
Stars
4
Forks
Watchers

Easy to extend initial access scenario to help with EDR testing on Linux and Mac

verified publisher icon gmatuz

conference_talks

35
Stars
9
Forks
Watchers

Slides from various conference talks

verified publisher icon yardenshafir

SEDR-Internals

25
Stars
6
Forks
Watchers

Symantec EDR Internals

verified publisher icon nasbench