RT/EDR

Resources

# Attacking EDR series
https://riccardoancarani.github.io/2023-08-03-attacking-an-edr-part-1/
https://riccardoancarani.github.io/2023-09-14-attacking-an-edr-part-2/
https://riccardoancarani.github.io/2023-11-07-attacking-an-edr-part-3/
https://labs.infoguard.ch/posts/edr_part1_intro_-_security_analysis_of_edr_drivers/
https://labs.infoguard.ch/posts/edr_part2_driver_analysis_results/
https://labs.infoguard.ch/posts/edr_part3_one_bug_to_stop_them_all/
https://labs.infoguard.ch/posts/attacking_edr_part4_fuzzing_defender_scanning_and_emulation_engine/

# Syscalls
https://www.darkrelay.com/post/stealth-syscall-execution-bypass-edr-detection

# Resources compilation
https://github.com/tkmru/awesome-edr-bypass

# File sharing
https://www.lolfs.app/
