RT/EDR
Resources
# Attacking EDR series
https://riccardoancarani.github.io/2023-08-03-attacking-an-edr-part-1/
https://riccardoancarani.github.io/2023-09-14-attacking-an-edr-part-2/
https://riccardoancarani.github.io/2023-11-07-attacking-an-edr-part-3/
https://labs.infoguard.ch/posts/edr_part1_intro_-_security_analysis_of_edr_drivers/
https://labs.infoguard.ch/posts/edr_part2_driver_analysis_results/
https://labs.infoguard.ch/posts/edr_part3_one_bug_to_stop_them_all/
https://labs.infoguard.ch/posts/attacking_edr_part4_fuzzing_defender_scanning_and_emulation_engine/
# Syscalls
https://www.darkrelay.com/post/stealth-syscall-execution-bypass-edr-detection
# Resources compilation
https://github.com/tkmru/awesome-edr-bypass
# File sharing
https://www.lolfs.app/