Test the detection accuracy of Endpoint Detection and Response (EDR) software with a simple script that executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Little user-mode AV/EDR evasion lab for training & learning purposes
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, so blue teams can test EDR detections and correlation rules.
Adversary emulation for EDR/SIEM testing (macOS/Linux)
Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes
This repository contains a comprehensive test suite designed for evaluating the performance and resilience of Endpoint Detection and Response (EDR) systems
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
Open EDR public repository
Template-Driven AV/EDR Evasion Framework
Code examples to bypass AV/EDR
AV/EDR evasion via direct system calls.
Example code for EDR bypassing
Kill AV/EDR by leveraging a BYOVD (Bring Your Own Vulnerable Driver) attack
Awesome AV/EDR/XDR Bypass Tips
Simple EDR implementation to demonstrate bypass
This project aims to compare and evaluate the telemetry of various EDR products.
Terminate AV/EDR processes using a kernel driver
List of Bluetooth BR/EDR/LE security resources