googleprojectzero / symboliclink-testing-toolsLinks
☆790Updated 2 years ago
Alternatives and similar repositories for symboliclink-testing-tools
Users that are interested in symboliclink-testing-tools are comparing it to the libraries listed below
Sorting:
- Token Privilege Research☆826Updated 7 years ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆976Updated last year
- PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.☆644Updated 10 months ago
- Set of tools to analyze Windows sandboxes for exposed attack surface.☆2,165Updated 2 weeks ago
- DEFCON 27 workshop - Modern Debugging with WinDbg Preview☆723Updated 7 months ago
- Checksec, but for Windows: static detection of security mitigations in executables☆591Updated 4 months ago
- ☆487Updated 7 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,292Updated last year
- A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)☆412Updated last year
- A memory scanning evasion technique☆869Updated 8 years ago
- collect for learning cases☆584Updated 11 months ago
- Dump of win32k POCs for bugs I've found☆375Updated 3 years ago
- AV/EDR evasion via direct system calls.☆1,880Updated 2 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆812Updated 3 years ago
- Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py☆327Updated 2 years ago
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- A tool to create a JScript file which loads a .NET v2 assembly from memory.☆1,284Updated 4 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆389Updated 4 years ago
- ☆814Updated 5 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆520Updated 5 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique)☆610Updated 2 years ago
- Also known by Microsoft as Knifecoat☆1,136Updated 2 years ago
- A tool to elevate privilege with Windows Tokens☆1,043Updated last year
- Examples of leaking Kernel Mode information from User Mode on Windows☆604Updated 7 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,140Updated last year
- Quickly debug shellcode extracted during malware analysis☆602Updated 2 years ago
- Vulnerability examples.☆405Updated last year
- Tools for instrumenting Windows Defender's mpengine.dll☆298Updated 6 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,533Updated 4 years ago
- ☆383Updated last year