Pinned Repositories
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
DetectHooks
Detect userland hooks placed by AV/EDR
GetSystem-LCI
GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstaller.
NimBlackout
Kill AV/EDR by leveraging a BYOVD attack
NimReflectiveLoader
NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.
SimpleEDR
Simple EDR that injects a DLL into a process to place a hook on a specific Windows API
Helixo32's Repositories
Helixo32/CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
Helixo32/NimBlackout
Kill AV/EDR by leveraging a BYOVD attack
Helixo32/SimpleEDR
Simple EDR that injects a DLL into a process to place a hook on a specific Windows API
Helixo32/GetSystem-LCI
GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstaller.
Helixo32/DetectHooks
Detect userland hooks placed by AV/EDR
Helixo32/NimReflectiveLoader
NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.