Pentester's Promiscuous Notebook
BYOVD
Bring Your Own Vulnerable Driver
https://www.loldrivers.io/
https://alice.climent-pommeret.red/posts/process-killer-driver/
EDRSandblast
[PDF] EDR detection mechanisms and bypass techniques with EDRSandblast (Maxime Meignan, Thomas Diot)
https://github.com/wavestone-cdt/EDRSandblast
https://www.elastic.co/security-labs/forget-vulnerable-drivers-admin-is-all-you-need
https://github.com/gabriellandau/EDRSandblast-GodFault
EDRSnowblast
https://v1k1ngfr.github.io/edrsnowblast/
Blinding EDR
Wipe kernel callbacks, prevent EDR internal communication, etc.
https://synzack.github.io/Blinding-EDR-On-Windows/
https://sensepost.com/blog/2023/filter-mute-operation-investigating-edr-internal-communication/
Tools
https://github.com/Yaxser/Backstab
https://github.com/ZeroMemoryEx/Blackout
https://github.com/ZeroMemoryEx/Terminator