Add: netero1010/EDRSilencer to Defense Evasion section

2024-10-01 07:45:36 -04:00 · 2024-01-10 20:54:26 +07:00 · 2024-01-10 20:54:26 +07:00 · 1bfbff8013
commit 1bfbff8013
parent b0b0fb97a2
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1748,6 +1748,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/netbiosX/AMSI-Provider">netbiosX/AMSI-Provider</a></td>
        <td>A fake AMSI Provider which can be used for persistence.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/netero1010/EDRSilencer">netero1010/EDRSilencer</a></td>
+        <td>A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/netero1010/TrustedPath-UACBypass-BOF">netero1010/TrustedPath-UACBypass-BOF</a></td>
        <td>Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using DCOM object.</td>