By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be bypassed—restoring cleartext credentials despite the protection appearing active. Requires SYSTEM-level access and targets VBS-based defenses.
☆14 · May 25, 2025 · Updated 9 months ago
Alternatives and similar repositories for CredentialGuardBypass
Users that are interested in CredentialGuardBypass are comparing it to the libraries listed below
- Run-time loader and patcher ☆15 · Sep 22, 2018 · Updated 7 years ago
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine ☆39 · Jul 29, 2025 · Updated 6 months ago
- Themida 3.x research ☆42 · Feb 28, 2025 · Updated 11 months ago
- A slightly more fun way to disable windows defender ☆52 · May 4, 2025 · Updated 9 months ago
- ☆13 · Dec 10, 2023 · Updated 2 years ago
- An educational learning project for Java and design patterns, including some demo code. ☆10 · Nov 29, 2017 · Updated 8 years ago
- CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious… ☆15 · Jan 21, 2025 · Updated last year
- Download browser extension's source code as zip ☆20 · Nov 23, 2025 · Updated 3 months ago
- Advanced PDF parsing for python ☆12 · Jan 21, 2025 · Updated last year
- A small tool to patch PE files' import address table with an external payload DLL. ☆16 · Feb 15, 2026 · Updated last week
- adobe reader sandbox utility ☆11 · Aug 7, 2020 · Updated 5 years ago
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20… ☆33 · Feb 27, 2025 · Updated 11 months ago
- A Python client for the Global CVE Allocation System. ☆17 · Jan 31, 2026 · Updated 3 weeks ago
- Linux kernel-mode and user-space with wine/MinGW/Windows compatibility hacking library. ☆12 · Sep 15, 2022 · Updated 3 years ago
- A CTF VM that fights back ☆19 · Apr 4, 2012 · Updated 13 years ago
- Online security software identification ☆12 · Aug 6, 2025 · Updated 6 months ago
- programmatic binary patching using ptrace ☆13 · Aug 9, 2025 · Updated 6 months ago
- VMProtect2 Deobfuscation Tooling ☆89 · Nov 12, 2025 · Updated 3 months ago
- Find unicode codepoints to use in normalisation and transformation attacks. ☆11 · Mar 15, 2021 · Updated 4 years ago
- Windows command line utility to set Intel FIVR voltage offset. ☆13 · Mar 7, 2021 · Updated 4 years ago
- RE for champions ☆15 · Updated this week
- A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread ☆30 · Sep 24, 2025 · Updated 5 months ago
- A REALLY Dangerous Windows Driver, Turn Any Threads Ring0! ☆13 · Aug 11, 2025 · Updated 6 months ago
- Used to grab banners from TCP services and search their contents for a specific string. ☆16 · Feb 11, 2020 · Updated 6 years ago
- A Simple heaptrack-compatible Heap Profiler for Windows C/C++ Applications ☆12 · Jun 28, 2015 · Updated 10 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2 ☆13 · Jul 15, 2023 · Updated 2 years ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library ☆24 · Nov 13, 2025 · Updated 3 months ago
- Install dnscrypt-proxy on Ubuntu 18.04 ☆10 · Dec 15, 2018 · Updated 7 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆16 · Oct 25, 2024 · Updated last year
- ☆12 · Mar 1, 2021 · Updated 4 years ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner) ☆13 · Dec 1, 2025 · Updated 2 months ago
- A C# implementation that disables Windows Firewall bypassing UAC ☆17 · Oct 23, 2024 · Updated last year
- Hide the memory of the process in the Linux kernel. ☆10 · Dec 8, 2020 · Updated 5 years ago
- My Personal Kernel-Mode Process dumper ☆13 · Feb 18, 2024 · Updated 2 years ago
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications ☆22 · Mar 28, 2025 · Updated 10 months ago
- ☆15 · Sep 2, 2024 · Updated last year
- ☆15 · Mar 17, 2025 · Updated 11 months ago
- ☆12 · Mar 15, 2020 · Updated 5 years ago
- Julia rules for semgrep ☆14 · Dec 9, 2025 · Updated 2 months ago