Set of tools to analyze Windows sandboxes for exposed attack surface.
☆2,267Nov 6, 2025Updated 3 months ago
Alternatives and similar repositories for sandbox-attacksurface-analysis-tools
Users that are interested in sandbox-attacksurface-analysis-tools are comparing it to the libraries listed below
Sorting:
- A fork of AFL for fuzzing Windows binaries☆2,534Dec 5, 2025Updated 2 months ago
- A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container☆1,371Dec 9, 2024Updated last year
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆1,042Sep 24, 2023Updated 2 years ago
- ☆837Dec 13, 2022Updated 3 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,503Nov 15, 2023Updated 2 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,946Feb 24, 2025Updated last year
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆285May 14, 2020Updated 5 years ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,562Oct 31, 2025Updated 4 months ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,577Jan 5, 2021Updated 5 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,317Jan 18, 2021Updated 5 years ago
- My musings with PowerShell☆2,703Nov 19, 2021Updated 4 years ago
- Windows Object Explorer 64-bit☆1,886Feb 10, 2026Updated 2 weeks ago
- A tool to elevate privilege with Windows Tokens☆1,053Oct 6, 2023Updated 2 years ago
- Defeating Windows User Account Control☆7,377Feb 17, 2026Updated last week
- AV/EDR evasion via direct system calls.☆1,990Jan 1, 2023Updated 3 years ago
- A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.☆437Aug 22, 2018Updated 7 years ago
- Token Privilege Research☆872Sep 1, 2017Updated 8 years ago
- A Coverage Explorer for Reverse Engineers☆2,500Feb 14, 2026Updated 2 weeks ago
- Security Research from the Microsoft Security Response Center (MSRC)☆1,379Aug 8, 2024Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,462Jul 8, 2025Updated 7 months ago
- Converts PE into a shellcode☆2,745Aug 30, 2025Updated 6 months ago
- Also known by Microsoft as Knifecoat☆1,153Dec 22, 2022Updated 3 years ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆6,861Feb 1, 2026Updated last month
- A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …☆1,080Jul 26, 2021Updated 4 years ago
- Payload Generation Framework☆1,964Aug 21, 2024Updated last year
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆3,230Sep 3, 2022Updated 3 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,642Oct 11, 2018Updated 7 years ago
- Process Injection☆766Oct 24, 2021Updated 4 years ago
- Windows RPC Python fuzzer☆164Nov 14, 2017Updated 8 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,822Mar 17, 2021Updated 4 years ago
- Examples of leaking Kernel Mode information from User Mode on Windows☆633Jul 7, 2017Updated 8 years ago
- Detect, analyze and uniquely identify crashes in Windows applications☆521May 23, 2025Updated 9 months ago
- SharpSploit is a .NET post-exploitation library written in C#☆1,859Aug 12, 2021Updated 4 years ago
- ☆234Sep 10, 2017Updated 8 years ago
- DOM fuzzer☆1,769Nov 26, 2024Updated last year
- Collection of Offensive C# Tooling☆1,469Feb 6, 2023Updated 3 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,546Aug 2, 2019Updated 6 years ago
- A tool to exploit .NET Remoting Services☆535Jul 31, 2024Updated last year
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆824Mar 10, 2022Updated 3 years ago