SilentButDeadly

A network communication blocker designed to neutralize EDR/AV software using Windows Filtering Platform (WFP).

Introduction

SilentButDeadly

SilentButDeadly is a network communication blocker designed to neutralize EDR/AV software by preventing their cloud connectivity using the Windows Filtering Platform (WFP). This version focuses solely on network isolation without process termination.

Key Features:

EDR/AV Neutralization: Blocks network communication of EDR/AV software.
Windows Filtering Platform (WFP): Utilizes WFP for network filtering.
Network Isolation: Focuses on isolating processes without terminating them.
Dynamic WFP Session: Creates non-persistent WFP sessions.
Process Enumeration: Discovers target security processes.
Extensible Target List: Easily add new EDR targets via the g_EDRTargets array.

Use Cases:

Pre-engagement testing to verify EDR bypass.
Controlled environments for malware analysis.
Red team operations for initial foothold establishment.
Security research for EDR behavior analysis.

Back

Information

Publisher
Admin
Websitegithub.com
Published date2025/11/17

More Products

Red Team OperationsInfrastructure Security

Visit Website

SessionHop

Details

C# tool for hijacking Windows user sessions via the IHxHelpPaneServer COM object, enabling operators to run arbitrary files in another user's session.

Internal C2