edr

This map lists the essential techniques to bypass anti-virus and EDR

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

Adversary tradecraft detection, protection, and hunting

EDR Lab for Experimentation Purposes

An Active Defense and EDR software to empower Blue Teams

Open Source EDR for Windows

Awesome EDR Bypass Resources For Ethical Hacking

Enumerate and disable common sources of telemetry used by AV/EDR.

Evasive shellcode loader for bypassing event-based injection detection (PoC)

iMonitor（冰镜 - 终端行为分析系统）

a tool to help operate in EDRs' blind spots

戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑

Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).

Unlock the full brightness of the XDR display of your MacBook Pro

The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能， 而不用关心底层驱动的开发、维护和兼容性问题，让其可以专注于业务开发

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

CSS trick/bug to display a brighter white by exploiting browsers' HDR capability and Apple's EDR system

Security product hook detection