jm33-m0 / windows-sandbox-initLinks
Rapidly initialize Windows Sandbox for malware analysis and reverse engineering
☆137Updated 6 months ago
Alternatives and similar repositories for windows-sandbox-init
Users that are interested in windows-sandbox-init are comparing it to the libraries listed below
Sorting:
- This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.☆138Updated 5 months ago
- Windows Persistence IT-Security☆103Updated 5 months ago
- Enumerate active EDR's on the system☆97Updated 2 weeks ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆244Updated last year
- Nameless C2 - A C2 with all its components written in Rust☆274Updated 11 months ago
- A command and control framework written in rust.☆362Updated last week
- We found a way to DLL sideload with cleanmgr.exe☆92Updated 6 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆219Updated 2 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆158Updated 11 months ago
- A collection of tools and detections for the Sliver C2 Frameworj☆128Updated 2 years ago
- ☆301Updated 9 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆200Updated 2 weeks ago
- ☆17Updated 7 months ago
- A reference of Windows API function calls, including functions for file operations, process management, memory management, thread managem…☆107Updated last year
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆137Updated 8 months ago
- ☆41Updated last month
- ☆236Updated last month
- ☆403Updated 8 months ago
- ☆136Updated last year
- Detect WFP filters blocking EDR communications☆93Updated last year
- Convert your shellcode into an ASCII string☆113Updated 2 months ago
- Proof of concept & details for CVE-2025-21298☆189Updated 7 months ago
- A tool to transform Chromium browsers into a C2 Implant☆439Updated 2 weeks ago
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆138Updated 5 months ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆87Updated 4 months ago
- Linux post-exploitation agent that uses io_uring to stealthily bypass EDR detection by avoiding traditional syscalls.☆295Updated this week
- ☆234Updated 2 years ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆266Updated last year
- Note: I am not responsible for any bad act. This is written by Chirag Artani to demonstrate the vulnerability.☆86Updated last year