11

Github GitHub - Mr-Un1k0d3r/EDRs

 3 years ago
source link: https://github.com/Mr-Un1k0d3r/EDRs
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md

This repo contains information about EDRs that can be useful during red team exercise.

Want to contribute simply run hook_finder64.exe C:\windows\system32\ntdll.dll and submit the output.

CrowdStrike hooked ntdll.dll APIs

CrowdStrike hooks list

SentinelOne hooked ntdll.dll APIs

SentinelOne hooks list

Cylance hooked ntdll.dll APIs (Thanks to Seemant Bisht)

Cylance hooks list

Sophos hooked ntdll.dll APIs

Sophos hooks list

Attivo Deception hooked ntdll.dll APIs

Attivo hooks list

CarbonBlack hooked ntdll.dll APIs (Thanks to Hackndo)

CarbonBlack hooks list

Credit

Mr.Un1k0d3r RingZer0 Team


About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK