spellzed / EDR_Tester

This batch script checks your EDR system's detection and response capabilities in a deliberately noisy way.

Home Page:https://infosecarsenal.blogspot.com/


EDR_Tester

This batch script checks your EDR system's detection and response capabilities in a deliberately noisy way. Run it in administrator mode and wait until it finishes its jobs, then review the event logs of your existing (or candidate) EDR. You can use it when evaluating various EDR and NTA products. Test your existing infrastructure first, then write correct detection and response rules. Forward the detected event logs to your SIEM and SOAR systems so that you can take automated actions and hunt for threats if an APT group tries to steal your data and money. I will add further scripts of different kinds to this repository so that you can test your systems with them. Some security products have blind spots : )

Note: If you are testing in a real domain environment, replace every occurrence of the placeholder domain name abc.local with your own domain name.
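The procedure above (run noisy commands as administrator, then look for them in the EDR or Windows event logs) as an added PowerShell example. This is not part of the EDR_Tester repository or its batch script: the commands are a small subset of the Windows commands from the JPCERT list referenced below, chosen here as a sample; the `$Domain` parameter (mirroring the abc.local placeholder), the use of Sysmon event ID 1 or Security event ID 4688 as the telemetry source, and the 10-second wait before reading the log are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not the EDR_Tester script: run a few noisy recon commands and
# then check whether process-creation telemetry recorded them.
# Assumptions: elevated PowerShell; either Sysmon (event ID 1) or Security
# auditing "Process Creation" with command-line logging (event ID 4688) is on.
param([string]$Domain = 'abc.local')   # the README's placeholder domain

$start = Get-Date

# Benign host/domain enumeration commands (a sample, not the script's own set).
$tests = @(
    @{ Name = 'whoami privileges';  Cmd = 'whoami.exe';   Args = '/all' }
    @{ Name = 'local accounts';     Cmd = 'net.exe';      Args = 'user' }
    @{ Name = 'domain controllers'; Cmd = 'nltest.exe';   Args = "/dclist:$Domain" }
    @{ Name = 'domain trusts';      Cmd = 'nltest.exe';   Args = '/domain_trusts' }
    @{ Name = 'WMI process list';   Cmd = 'wmic.exe';     Args = 'process list brief' }
    @{ Name = 'scheduled tasks';    Cmd = 'schtasks.exe'; Args = '/query /fo LIST' }
)

# Launch each command through cmd.exe, as a batch file would, so the parent
# process in the telemetry is cmd.exe just like when the real script runs.
foreach ($t in $tests) {
    $cmdline = "$($t.Cmd) $($t.Args)"
    Write-Host "[*] Running: $cmdline"
    & cmd.exe /c $cmdline 2>&1 | Out-Null
    Start-Sleep -Milliseconds 500
}

Start-Sleep -Seconds 10   # assumed: time for the sensor/event log to flush

# Collect process-creation events since $start from whichever log exists.
$events = @()
$filters = @(
    @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1;    StartTime = $start }
    @{ LogName = 'Security';                              Id = 4688; StartTime = $start }
)
foreach ($f in $filters) {
    $events += Get-WinEvent -FilterHashtable $f -ErrorAction SilentlyContinue
}

# Report which test commands appear in the telemetry. A command that ran but
# left no event is a logging blind spot before it is an EDR blind spot, so fix
# audit policy / sensor config before judging the product's detection rules.
foreach ($t in $tests) {
    $firstArg = ($t.Args -split ' ')[0]
    $hits = @($events | Where-Object {
        $_.Message -match [regex]::Escape($t.Cmd) -and
        $_.Message -match [regex]::Escape($firstArg)
    })
    $status = if ($hits.Count -gt 0) { "LOGGED ($($hits.Count) event(s))" } else { 'NOT LOGGED' }
    Write-Host ("{0,-20} {1,-34} {2}" -f $t.Name, "$($t.Cmd) $($t.Args)", $status)
}
```

Save it as a .ps1 and run it from an elevated PowerShell with `-Domain yourdomain.local`; the "NOT LOGGED" lines tell you which commands your telemetry never saw, which is the gap to close (audit policy, Sysmon config or EDR sensor) before writing the SIEM/SOAR rules described above.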

# References

https://blogs.jpcert.or.jp/en/2016/01/windows-commands-abused-by-attackers.html

https://github.com/op7ic/EDR-Testing-Script

https://github.com/api0cradle/LOLBAS/tree/master/OSBinaries

https://lolbas-project.github.io/

https://atomicredteam.io/

https://attack.mitre.org/

https://infosecarsenal.blogspot.com/

https://www.tutorialspoint.com/batch_script/batch_script_commands.htm

https://www.tenforums.com/tutorials/16588-clear-all-event-logs-event-viewer-windows.html

https://blog.netspi.com/10-evil-user-tricks-for-bypassing-anti-virus/

http://petprog.blogspot.com/2012/08/a-canonical-list-of-windows-service.html

https://www.gartner.com/reviews/market/endpoint-detection-and-response-solutions

https://www.symantec.com/blogs/threat-intelligence/elfin-apt33-espionage

https://attack.mitre.org/groups/

https://www.slideshare.net/HuyKha2/different-ttps-on-attacking-active-directory-170540818

https://www.symantec.com/blogs/threat-intelligence/wmic-download-malware

https://attack.mitre.org/techniques/T1059/

https://www.carbonblack.com/2018/08/27/threat-analysis-recent-attack-technique-leveraging-cmd-exe-and-powershell-demonstrates-how-attackers-are-using-trusted-microsoft-applications-for-malicious-behavior/

https://blog.huntresslabs.com/attackers-abuse-trust-with-indirection-e8addc1ba8f

https://github.com/AhmetHan/EDR_Tester/blob/master/README.md

https://ired.team/offensive-security-experiments/offensive-security-cheetsheets

https://www.windowscentral.com/how-create-and-run-batch-file-windows-10

https://github.com/jlawhon/RedTeamFieldManualScripts

https://github.com/psychsecurity/Red-Team-Infrastructure

https://www.carbonblack.com/cbfeeds/suspicious_feed.xhtml

https://github.com/emilyanncr/Windows-Post-Exploitation#post-exploitation-techniques-and-commands

https://www.puckiestyle.nl/windows-privilege-escalation/



Languages: Batchfile 90.8%, PowerShell 6.0%, VBScript 3.2%