SilentButDeadly

SilentButDeadly

SilentButDeadly is a network communication blocker designed to neutralize EDR/AV software by preventing their cloud connectivity using the Windows Filtering Platform (WFP). This version focuses solely on network isolation without process termination.

Key Features:

• EDR/AV Neutralization: Blocks network communication of EDR/AV software.
• Windows Filtering Platform (WFP): Utilizes WFP for network filtering.
• Network Isolation: Focuses on isolating processes without terminating them.
• Dynamic WFP Session: Creates non-persistent WFP sessions.
• Process Enumeration: Discovers target security processes.
• Extensible Target List: Easily add new EDR targets via the g_EDRTargets array.

Use Cases:

• Pre-engagement testing to verify EDR bypass.
• Controlled environments for malware analysis.
• Red team operations for initial foothold establishment.
• Security research for EDR behavior analysis.