Wack0 / bitlocker-attacks
A list of public attacks on BitLocker
☆304, updated 3 months ago
Alternatives and similar repositories for bitlocker-attacks
Users that are interested in bitlocker-attacks are comparing it to the libraries listed below
- A repo for TPM sniffing greatness (☆227, updated 2 weeks ago)
- Nuke It From Orbit - remove AV/EDR with physical access (☆259, updated 5 months ago)
- baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability (☆327, updated last year)
- WMI virus, because funny (☆280, updated 4 months ago)
- Tools for decoding TPM SPI transactions and extracting the BitLocker key from them. (☆302, updated 3 years ago)
- Memory-Dump-UEFI is a UEFI application for dumping the contents of RAM. (☆154, updated 2 months ago)
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the … (☆344, updated last month)
- A GUI and CLI tool for removing bloat from executables (☆397, updated last month)
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities (☆666, updated 7 months ago)
- (☆73, updated 3 years ago)
- Wireshark RDP resources (☆212, updated this week)
- (☆203, updated 7 months ago)
- Damn Vulnerable UEFI (☆277, updated 8 months ago)
- Operating System Design Review: A systemic analysis of modern systems architecture (☆313, updated 3 months ago)
- A system administration or post-exploitation script to automatically extract the BitLocker recovery keys from a domain. (☆369, updated 4 months ago)
- (☆572, updated last month)
- A repository for additional files related to the book Windows Security Internals with PowerShell from No Starch Press. (☆177, updated last year)
- Python tool to check rootkits in Windows kernel (☆196, updated 3 months ago)
- This is a Ghidra script that calls OPENAI to give meaning to decompiled functions (☆124, updated 10 months ago)
- Decrypt the BitLocker FVEK for a BitLocker-encrypted drive. (☆28, updated 2 months ago)
- Volatility plugin to retrieve the Full Volume Encryption Key in memory. The FVEK can then be used with the help of Dislocker to mount the… (☆50, updated 5 years ago)
- PowerDecode is a PowerShell-based tool for deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs… (☆188, updated last year)
- Kernel mode WinDbg extension and PoCs for token privilege investigation. (☆861, updated 4 months ago)
- Patching "signtool.exe" to accept expired certificates for code-signing. (☆280, updated 10 months ago)
- The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools. (☆290, updated last year)
- (☆299, updated 7 months ago)
- Scripts to run within Ghidra, maintained by the Trellix ARC team (☆100, updated 2 months ago)
- A tool that shows detailed information about named pipes in Windows (☆645, updated 6 months ago)
- Brings the power of ChatGPT to Ghidra! (☆151, updated 9 months ago)
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… (☆390, updated 3 weeks ago)