SafeBreach-Labs / WindowsDowndate
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
☆689 Updated last year
Alternatives and similar repositories for WindowsDowndate
Users that are interested in WindowsDowndate are comparing it to the libraries listed below
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state. ☆778 Updated last month
- EDR Lab for Experimentation Purposes ☆1,387 Updated last month
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in… ☆511 Updated last year
- Complete list of LPE exploits for Windows (starting from 2023) ☆847 Updated 2 weeks ago
- Because AV evasion should be easy. ☆839 Updated last year
- Simulate the behavior of AV/EDR for malware development training. ☆551 Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions ☆576 Updated 11 months ago
- ☆607 Updated last month
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … ☆737 Updated 4 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools ☆1,219 Updated 2 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes ☆1,035 Updated 2 years ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆447 Updated last year
- Centralized resource for listing and organizing known injection techniques and POCs ☆662 Updated this week
- AV/EDR Lab environment setup references to help in Malware development ☆418 Updated 9 months ago
- Inject DLLs into the explorer process using icons ☆388 Updated 6 months ago
- Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022 ☆452 Updated last year
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low". ☆732 Updated 6 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve… ☆581 Updated last year
- Analyse your malware to surgically obfuscate it ☆509 Updated 6 months ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance… ☆565 Updated 6 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆438 Updated last year
- Dump cookies and credentials directly from Chrome/Edge process memory ☆1,379 Updated 2 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆1,198 Updated 2 years ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation. ☆895 Updated 10 months ago
- kill anti-malware protected processes ( BYOVD ) ( Microsoft Won ) ☆968 Updated 2 years ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113 ☆505 Updated 11 months ago
- PoCs and tools for investigation of Windows process execution techniques ☆945 Updated last month
- Spartacus DLL/COM Hijacking Toolkit ☆1,072 Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques. ☆832 Updated last year
- Real fucking shellcode encryptor & obfuscator tool ☆977 Updated last month