sh4hin's starred repositories
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
MasterParser
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
Disable-Windows-Defender-
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
Invoke-ADEnum
Automate Active Directory Enumeration using PowerView
Cobalt-Strike-Profiles-for-EDR-Evasion
Cobalt Strike Profiles for EDR Evasion
EDRception
A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
deploy-goad
Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
Learning-EDR-and-EDR_Evasion
I will be uploading all the code which I created with the help of either open-source projects or blogs. This is a step-by-step EDR learning path for me.
CVE-2024-21626
PoC and Detection for CVE-2024-21626
unmanaged-dotnet-patch
Modify managed functions from unmanaged code
EternelSuspention
A simple PoC showcasing the ability of an admin to suspend an EDR's protected processes, making it useless.
ExecRemoteNET
Execute a remote assembly with args passing and with AMSI and ETW patching.
go-ThreadlessInject
Golang implementation of @CCob's C# ThreadlessInject
HalosGate-Cpl-C-
Halos Gate implementation in C++
SharpIncrease
Evade Everything