SilentButDeadly is designed to neutralize EDR and antivirus systems by blocking their network communications without terminating their processes. Developed by Ryan Framiñán, it uses the Windows Filtering Platform to create temporary network blocks, thereby isolating threats and preserving operational integrity. The tool builds on the 2023 EDRSilencer technique and is meant to enhance stealth during red-team exercises and malware analysis.
The execution process begins with privilege verification and progresses through multiple phases. Users interactively confirm their access, and the discovery phase identifies EDR targets before the tool creates dynamic network blocks. SilentButDeadly is designed for ethical, defensive use, allowing precise targeting of EDR services while reducing forensic footprints. Although it can sever remote management, it leaves local detection functionality in place, which highlights an important consideration for defenders: how heavily their EDR relies on cloud connectivity.
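For defenders, one way to spot this kind of isolation is to correlate Windows Security log events 5447 (a Windows Filtering Platform filter was changed) with 5157 (the platform blocked a connection). The following Python is an added example, not code from the tool or the original article; the record layout, field names, watch list and sample events are constructed assumptions.

```python
from collections import defaultdict

# Assumption: agent executables to watch; replace with your own EDR's binaries.
WATCHED_AGENTS = {"msmpeng.exe", "mssense.exe"}

# Constructed sample records, simplified from Security log events
# 5447 (WFP filter changed) and 5157 (WFP blocked a connection).
SAMPLE_EVENTS = [
    {"EventID": 5447, "Time": 100, "ChangeType": "Add", "FilterId": 70001,
     "Action": "Block"},
    {"EventID": 5157, "Time": 105, "FilterRTID": 70001, "Direction": "Outbound",
     "Application": r"\device\harddiskvolume3\constructed\msmpeng.exe"},
    {"EventID": 5157, "Time": 106, "FilterRTID": 70001, "Direction": "Outbound",
     "Application": r"\device\harddiskvolume3\constructed\mssense.exe"},
    {"EventID": 5157, "Time": 107, "FilterRTID": 65000, "Direction": "Outbound",
     "Application": r"\device\harddiskvolume3\constructed\other-app.exe"},
    {"EventID": 5157, "Time": 200, "FilterRTID": 65000, "Direction": "Outbound",
     "Application": r"\device\harddiskvolume3\constructed\msmpeng.exe"},
]

def agent_name(path):
    # 5157 reports an NT device path; keep only the lower-cased file name.
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def find_agent_blocks(events, window=300):
    # Block filters added during the log period, keyed by filter ID.
    added = {e["FilterId"]: e for e in events
             if e["EventID"] == 5447 and e.get("ChangeType") == "Add"
             and e.get("Action") == "Block"}
    hits = defaultdict(lambda: {"agents": set(), "blocks": 0, "first": None})
    for e in events:
        if e["EventID"] != 5157 or e.get("Direction") != "Outbound":
            continue
        name = agent_name(e["Application"])
        if name not in WATCHED_AGENTS:
            continue
        h = hits[e["FilterRTID"]]
        h["agents"].add(name)
        h["blocks"] += 1
        h["first"] = e["Time"] if h["first"] is None else min(h["first"], e["Time"])
    findings = []
    for fid, h in hits.items():
        add = added.get(fid)
        # High severity: the blocking filter was added shortly before the block.
        recent = add is not None and 0 <= h["first"] - add["Time"] <= window
        findings.append({"filter_id": fid, "agents": sorted(h["agents"]),
                         "blocks": h["blocks"], "new_filter": recent,
                         "severity": "high" if recent else "medium"})
    return sorted(findings, key=lambda f: (f["severity"] != "high", f["filter_id"]))
```

A security agent whose outbound traffic is dropped by a freshly added filter ranks highest; blocks by a filter with no matching add event are still reported, at lower severity.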
👉 Read the original: Cyber Security News