googleprojectzero / sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
☆2,152Updated 4 months ago
Alternatives and similar repositories for sandbox-attacksurface-analysis-tools:
Users that are interested in sandbox-attacksurface-analysis-tools are comparing it to the libraries listed below
- ☆785Updated 2 years ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,627Updated 2 months ago
- A fork of AFL for fuzzing Windows binaries☆2,423Updated 3 weeks ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆965Updated last year
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆1,895Updated 2 weeks ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,282Updated this week
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,148Updated 3 weeks ago
- PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.☆639Updated 8 months ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆720Updated 5 months ago
- AV/EDR evasion via direct system calls.☆1,864Updated 2 years ago
- Windows kernel and user mode emulation.☆1,636Updated 3 weeks ago
- A collection of links related to VMware escape exploits☆1,416Updated 7 months ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,133Updated last year
- Demos of various injection techniques found in malware☆791Updated 3 years ago
- Checksec, but for Windows: static detection of security mitigations in executables☆583Updated 3 months ago
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆2,894Updated 2 years ago
- A static analyzer for PE executables.☆1,057Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,149Updated last week
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,508Updated this week
- Windows Object Explorer 64-bit☆1,742Updated 2 weeks ago
- Windows Event Log Killer☆1,781Updated last year
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆810Updated 3 years ago
- A Pin Tool for tracing API calls etc☆1,413Updated 2 months ago
- My musings with PowerShell☆2,658Updated 3 years ago
- IDA Pro utilities from FLARE team☆2,307Updated 5 months ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,604Updated 6 years ago
- Security Research from the Microsoft Security Response Center (MSRC)☆1,351Updated 8 months ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,277Updated 4 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,263Updated last year
- Run PowerShell with rundll32. Bypass software restrictions.☆1,797Updated 4 years ago