Found 61 repositories (showing 30)
tsale
This project aims to compare and evaluate the telemetry of various EDR products.
jthuraisamy
Enumerate and disable common sources of telemetry used by AV/EDR.
senzee1984
Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
TierZeroSecurity
Blocks EDR Telemetry by performing a Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in the TLS Client Hello packet and the provided blocked server name (or blocked string) list in the file.
No description available
8damon
Windows EDR/DFIR Telemetry Platform for Malware Forensics and Threat Hunting | Kernel Instrumentation & User-mode Sensors
cantinaxyz
EDR for AI agents. Security guardrails and telemetry plugin for OpenClaw.
acquiredsecurity
This Repo Contains some examples of attacker Simulated behaviors you can use to test your AV/EDR/XDR telemetry.
sentrilite
Sentrilite EDR/XDR for Windows: Detection-As-Code, Observability, Security & Live Telemetry with AI/LLM Insights
wan1yan
A shellcode_load written in Go. Advanced modular evasion loader for Windows x64. Features Build Tag-based isolation, Indirect Syscalls, Telemetry Blinding (ETW/AMSI), and robust Call Stack Spoofing to thwart EDR stack analysis.
openguardrails
Detect OpenClaw AI agent installations across your organization via EDR telemetry.
Experimental closed-loop EDR evaluation framework, automated artifact mutation, sandboxed execution, telemetry collection, and explainable triage. Understands why detections trigger. M.Sc. Cybersecurity thesis (EPFL, 2026).
anantis-security
WFP network filter to block EDR telemetry
CySAJohnseun
To gain hands-on experience generating a command-and-control (C2) payload using Sliver, a post-exploitation framework, on a Linux virtual machine (VM). This payload will then be transferred to a Windows VM, simulating a malware infection. The objective is to understand the initial stages of an attack and how C2 communication is established.
Dviros
A very easy way to disrupt EDR telemetry communications.
HrushiCyber
Detection Engineering knowledge base for Windows endpoints and EDR telemetry
mohamedanas069
🛡 Enumerate AV, EPP, EDR, and telemetry on Windows hosts using low-noise Cobalt Strike commands for tailored risk-based assessment.
albertomagallon
This repository contains the code for the project "Enhancing Cyber Threat Detection using Machine Learning on EDR Telemetry." The project aims to improve threat detection accuracy and efficiency in EDR systems by leveraging machine learning models trained on client-specific telemetry data. Implementation follows the CRISP-DM methodology.
Naifnizami
A modular, containerized Threat Simulation Framework (SIEM/EDR/SOAR) generating high-fidelity Azure & CrowdStrike telemetry for detection engineering and automated response logic testing.
sergio11
🔬 POC: AI-powered EDR/SIEM using Kafka, Spark, QDrant, and Gemini for autonomous threat hunting. 🤖 Ingests telemetry, embeds logs as vectors, generates threat hypotheses with LLM, validates findings automatically.
maartsurf
No description available
Sec-Link
No description available
Jake0Miller
No description available
Apsoft-tr
New Submission for EDR-Telemetry
KONSTANTINOSLENTAS
A local EDR telemetry analyzer using generative AI for real-time risk scoring.
EdogawaCoder
Cockpit telemetry dashboard consuming data from edragorn's telemetry api.
sawyerDeveloper
No description available
CygnusOfBalance
No description available
Rutujadb
No description available
BengaminButton
No description available