GitHub - Mr-Un1k0d3r/EDRs
source link: https://github.com/Mr-Un1k0d3r/EDRs
README.md
This repo contains information about EDRs that can be useful during red team exercises.
To contribute, simply run hook_finder64.exe C:\windows\system32\ntdll.dll and submit the output.
CrowdStrike hooked ntdll.dll APIs
SentinelOne hooked ntdll.dll APIs
Cylance hooked ntdll.dll APIs (Thanks to Seemant Bisht)
Sophos hooked ntdll.dll APIs
Attivo Deception hooked ntdll.dll APIs
CarbonBlack hooked ntdll.dll APIs (Thanks to Hackndo)
Credit
Mr.Un1k0d3r RingZer0 Team