googleprojectzero / sandbox-attacksurface-analysis-toolsLinks
Set of tools to analyze Windows sandboxes for exposed attack surface.
☆2,172Updated 2 weeks ago
Alternatives and similar repositories for sandbox-attacksurface-analysis-tools
Users that are interested in sandbox-attacksurface-analysis-tools are comparing it to the libraries listed below
Sorting:
- ☆790Updated 2 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,668Updated 3 months ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆1,925Updated last month
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆976Updated last year
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,297Updated last year
- AV/EDR evasion via direct system calls.☆1,884Updated 2 years ago
- A fork of AFL for fuzzing Windows binaries☆2,432Updated 2 months ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,323Updated last week
- PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.☆644Updated 10 months ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆723Updated 7 months ago
- A collection of links related to VMware escape exploits☆1,432Updated 9 months ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,140Updated last year
- Windows kernel and user mode emulation.☆1,658Updated 2 months ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,284Updated 4 years ago
- Windows Event Log Killer☆1,787Updated last year
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,552Updated this week
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,331Updated last month
- ☆768Updated 2 years ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,168Updated last week
- Run PowerShell with rundll32. Bypass software restrictions.☆1,798Updated 4 years ago
- Token Privilege Research☆826Updated 7 years ago
- A memory scanning evasion technique☆869Updated 8 years ago
- Security Research from the Microsoft Security Response Center (MSRC)☆1,358Updated 9 months ago
- Shellcode Compiler☆1,105Updated 9 months ago
- List of Awesome Advanced Windows Exploitation References☆1,494Updated 3 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,156Updated last month
- Windows Object Explorer 64-bit☆1,760Updated this week
- Checksec, but for Windows: static detection of security mitigations in executables☆591Updated 4 months ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,606Updated 6 years ago
- A static analyzer for PE executables.☆1,065Updated last year