edr-internals — AI Tool by outflanknl

by outflanknl · AI Tool · ★ 278

Last updated: · Indexed by AgentSkillsHub · Auto-synced every 8h

About edr-internals

EDR Internals

Tools for analyzing EDR agents. For details, see our blog post.

  • ESDump - macOS Endpoint Security client that dumps events to
  • NEDump - macOS content filter provider that dumps socket flow data to
  • attacks/phantomv1 - A collection of POCs that bypass different Linux syscalls using the Phantom V1 TOCTOU vulnerability
  • dumpebpf.sh - Linux eBPF program and map enumeration script
  • hook.py - Frida loader with scripts for inspecting key macOS monitoring functions

Usage

ESDump and NEDump can be compiled on macOS using CMakeLists.txt or you can download a precompiled release. SIP must be disabled on the host for ESDump to work. The NEDump app bundle must be copied to to work.

Any of the phantomv1 can be compiled on Linux using the Makefile.

To use dumpebpf.sh, bpftool must be installed.

The [frida](https://pypi

Quick Facts

Stars: 278
Forks: 27
Language: C++
Category: AI Tool
License: GPL-3.0
Quality Score: 55.1094472693597/100
Last Updated: 2024-06-10
Created: 2024-06-03
Est. Tokens: ~3k

edr-internals alternative? Top 5 similar tools

Looking for an edr-internals alternative? If you're comparing edr-internals with other AI Tool projects, these 5 projects are the closest alternatives on Agent Skills Hub, ranked by topic overlap, star count, and community traction.

  • MedgeClaw by xjtulyc · ⭐ 959

    Open-source AI research assistant for biomedicine — chat to run RNA-seq, drug discovery, clinical analysis, an

  • shaping-skills by rjs · ⭐ 954

    Skills I use with Claude for shaping

  • pivotnacci by blackarrowsec · ⭐ 718

    A tool to make socks connections through HTTP agents

  • redesigned-pancake by Sfedfcv · ⭐ 213


  • maui-skills by davidortinau · ⭐ 117

    .NET MAUI skills for GitHub Copilot and Claude Code


Frequently Asked Questions

What is edr-internals?

edr-internals is a set of tools for analyzing EDR agents. It is categorized as an AI Tool with 278 GitHub stars.

What programming language is edr-internals written in?

edr-internals is primarily written in C++.

How do I install or use edr-internals?

You can find installation instructions and usage details in the edr-internals GitHub repository at github.com/outflanknl/edr-internals. The project has 278 stars and 27 forks, indicating an active community.

What license does edr-internals use?

edr-internals is released under the GPL-3.0 license, making it free to use and modify according to the license terms.

What are the best alternatives to edr-internals?

The top alternatives to edr-internals on Agent Skills Hub include MedgeClaw, shaping-skills, and pivotnacci. Each offers a different approach to the same problem space; compare them side-by-side by stars, quality score, and community activity.
