googleprojectzero / sandbox-attacksurface-analysis-toolsLinks
Set of tools to analyze Windows sandboxes for exposed attack surface.
☆2,182Updated last month
Alternatives and similar repositories for sandbox-attacksurface-analysis-tools
Users that are interested in sandbox-attacksurface-analysis-tools are comparing it to the libraries listed below
Sorting:
- ☆796Updated 2 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,693Updated 4 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆983Updated last year
- Security Research from the Microsoft Security Response Center (MSRC)☆1,359Updated 10 months ago
- PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.☆646Updated 10 months ago
- A fork of AFL for fuzzing Windows binaries☆2,439Updated 2 weeks ago
- AV/EDR evasion via direct system calls.☆1,891Updated 2 years ago
- Windows Event Log Killer☆1,789Updated last year
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,310Updated last year
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,290Updated 4 years ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆726Updated 7 months ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,144Updated last year
- Windows kernel and user mode emulation.☆1,671Updated 2 months ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆1,943Updated 2 months ago
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)☆2,359Updated 2 months ago
- Token Privilege Research☆827Updated 7 years ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,607Updated 6 years ago
- A collection of links related to VMware escape exploits☆1,437Updated 9 months ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,351Updated last month
- Run PowerShell with rundll32. Bypass software restrictions.☆1,801Updated 4 years ago
- A PowerShell Module Dedicated to Reverse Engineering☆873Updated 3 years ago
- A .net OLE/COM viewer and inspector to merge functionality of OleView and Test Container☆1,277Updated 6 months ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,562Updated last week
- Utilities for Sysmon☆1,529Updated 3 months ago
- A little toolbox to play with Microsoft Kerberos in C☆1,480Updated 3 years ago
- A static analyzer for PE executables.☆1,068Updated last year
- Demos of various injection techniques found in malware☆791Updated 3 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆813Updated 3 years ago
- ☆772Updated 2 years ago
- A Pin Tool for tracing API calls etc☆1,477Updated 2 weeks ago