huoji120 / DuckSandboxDetect
沙箱测试,测评国内常见沙箱的代码与结论
☆98Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for DuckSandboxDetect
- 简单安排一下 autochk.sys 这个rootkit☆67Updated last year
- bypass BeaconEye☆88Updated 3 years ago
- IDA Python script for generating Windows x86 shellcode with one click☆35Updated last year
- 加密壳☆33Updated 4 years ago
- 具备对PE文件添加区段、添加花指令、对代码段加密、修复重定位、加密IAT等功能☆58Updated 4 years ago
- 通过ACPI检测沙箱☆43Updated last year
- ☆36Updated 4 years ago
- power-kill is a project that kill protected processes (such as EDR or AV) by injecting shellcode into high privilege processes☆46Updated 3 years ago
- 过360拦截加载无驱动签名☆59Updated 3 years ago
- ☆86Updated 2 years ago
- ☆22Updated 3 years ago
- 一个加壳工具☆62Updated 5 years ago
- ☆30Updated 4 years ago
- Kill Protected Process Light Process (include av)☆54Updated last year
- 过去写的一些Windows安全研究相关代码☆134Updated 5 years ago
- 白文件扫描器 非公开☆26Updated 3 years ago
- windwos内核研究与驱动Code☆60Updated 2 years ago
- 利用图片隐写术来远程动态加载shellcode☆96Updated 2 years ago
- demo抛砖引玉作为一个思路,此思路再魔改一下是可以连着主动防御整个关掉的,还在用,就不演示了☆8Updated 2 years ago
- ☆72Updated 3 years ago
- Windows CVE主防(HIPS/HIDS)☆54Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆62Updated 2 years ago
- 基于行为特征进行快速匹配病毒专杀工具,辅助应急响应☆38Updated 4 years ago
- Hades is a Host-Based Intrusion Detection System based on both eBPF(kernel) and netlink/cn_proc(userspace).☆22Updated 3 weeks ago
- CobaltStrikeDetect☆45Updated 3 years ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆51Updated 2 months ago
- 笔 者的在原作者池风水利用工具(以下简称工具)基础上进行二次开发,新增了全自动获取内核调试模块符号的偏移量及配置参数和不同漏洞利用方式优化等功能, 解决了不同Windows版本适配问题,工具包括适配驱动和利用程序两部分组成,实现了在Windows 10 19H1之后任意版本包…☆77Updated 2 years ago
- Search for information from manifests☆43Updated 5 years ago
- 记录一下我学习的Win32CPP☆52Updated 3 years ago
- ☆23Updated 2 years ago