Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices...
ByteDance-HIDS is a cloud-native, host-based intrusion detection solution project intended to provide next-generation threat detection and behaviour auditing on a modern architecture.
Adversary tradecraft detection, protection, and hunting
Windows kernel exploration and tracing tool
An Active Defense and EDR software to empower Blue Teams
AV/EDR Evasion Lab for Training & Learning Purposes
Awesome EDR Bypass Resources For Ethical Hacking
Enumerate and disable common sources of telemetry used by AV/EDR.
Evasive shellcode loader for bypassing event-based injection detection (PoC)
a tool to help operate in EDRs' blind spots
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
Cobalt Strike script for ScareCrow payload integration (EDR/AV evasion)
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
The world's most powerful System Activity Monitor Engine · A powerful endpoint behaviour collection and defence development kit, intended to let endpoint security products such as EDR, zero trust, data security and audit/control software implement their features quickly without having to develop, maintain or ensure compatibility of the underlying driver, so they can focus on business logic.
Unlock the full brightness of the XDR display of your MacBook Pro
CSS trick/bug to display a brighter white by exploiting browsers' HDR capability and Apple's EDR system
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads