By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be bypassed—restoring cleartext credentials despite the protection appearing active. Requires SYSTEM-level access and targets VBS-based defenses.
☆14May 25, 2025Updated 9 months ago
Alternatives and similar repositories for CredentialGuardBypass
Users that are interested in CredentialGuardBypass are comparing it to the libraries listed below
Sorting:
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆83Jun 11, 2025Updated 9 months ago
- Julia rules for semgrep☆14Dec 9, 2025Updated 3 months ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆41Dec 2, 2025Updated 3 months ago
- Low Noise Semgrep Security Rules☆23Feb 6, 2025Updated last year
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆42Jul 29, 2025Updated 7 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆24Oct 4, 2021Updated 4 years ago
- ☆18Dec 20, 2025Updated 2 months ago
- Run-time loader and patcher☆15Sep 22, 2018Updated 7 years ago
- This is an Active Directory Pentesting Lab created by me which includes attacks like IPV6 DNS takeover, Smb relay, unconstrained delegati…☆22Jan 23, 2024Updated 2 years ago
- Small script for retrieving incoming transactions based on provided hour period.☆14Jan 24, 2022Updated 4 years ago
- Windows Event Log Killer☆12May 22, 2017Updated 8 years ago
- My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)☆43Dec 3, 2025Updated 3 months ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆21Aug 3, 2024Updated last year
- "Sucosh" is an automated Source Code vulnerability scanner and assessment framework for Python(Flask-Django) & NodeJs capable of performi…☆39May 20, 2024Updated last year
- ☆61Jun 28, 2025Updated 8 months ago
- Windows Security Descriptor Definition Language (SDDL) parser and formatter☆20Jun 8, 2020Updated 5 years ago
- A tool designed to hook into Windows applications and output named (and anonymous?) pipe traffic.☆15Feb 27, 2024Updated 2 years ago
- RE for champions☆15Mar 10, 2026Updated last week
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- ☆12Apr 7, 2022Updated 3 years ago
- Themida 3.x research☆43Feb 28, 2025Updated last year
- ☆15Mar 17, 2025Updated last year
- List of Command&Control (C2) software☆50Nov 11, 2022Updated 3 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆19Apr 4, 2022Updated 3 years ago
- A Python client for the Global CVE Allocation System.☆17Jan 31, 2026Updated last month
- My Personal Kernel-Mode Process dumper☆14Feb 18, 2024Updated 2 years ago
- ☆21Jul 4, 2022Updated 3 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- Quick ESXi Log Parser☆30Oct 20, 2025Updated 4 months ago
- A slightly more fun way to disable windows defender☆52May 4, 2025Updated 10 months ago
- CSharp4Pentesters☆11Mar 5, 2022Updated 4 years ago
- This is an AD pentest tools collection☆59Jul 6, 2024Updated last year
- A Simple heaptrack-compatible Heap Profiler for Windows C/C++ Applications☆12Jun 28, 2015Updated 10 years ago
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆35Feb 27, 2025Updated last year
- Used to grab banners from TCP services and search their contents for a specific string.☆16Feb 11, 2020Updated 6 years ago
- Semgrep rules specific to Frappe Framework☆56Mar 6, 2026Updated 2 weeks ago
- This script will not work with the latest version of chrome☆13May 11, 2025Updated 10 months ago
- ☆38Oct 16, 2025Updated 5 months ago