jm33-m0 / windows-sandbox-initLinks
Rapidly initialize Windows Sandbox for malware analysis and reverse engineering
☆146Updated last month
Alternatives and similar repositories for windows-sandbox-init
Users that are interested in windows-sandbox-init are comparing it to the libraries listed below
Sorting:
- Windows Persistence IT-Security☆108Updated 10 months ago
- This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.☆153Updated 10 months ago
- We found a way to DLL sideload with cleanmgr.exe☆95Updated 10 months ago
- Exploit for CVE-2025-11001 or CVE-2025-11002☆148Updated 2 months ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆258Updated last year
- A collection of tools and detections for the Sliver C2 Frameworj☆132Updated 2 years ago
- Enumerate active EDR's on the system☆147Updated 3 months ago
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…☆414Updated 2 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆255Updated 3 months ago
- Extract data from modern Chrome versions, including refresh tokens, cookies, saved credentials, autofill data, browsing history, and book…☆489Updated last week
- Nameless C2 - A C2 with all its components written in Rust☆283Updated last year
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆135Updated last year
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆170Updated last year
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆150Updated 9 months ago
- The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.☆428Updated last week
- Privilege escalation using the XAML diagnostics API (CVE-2023-36003)☆93Updated 2 years ago
- Convert your shellcode into an ASCII string☆124Updated 6 months ago
- Detect WFP filters blocking EDR communications☆96Updated 2 years ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆251Updated 7 months ago
- Proof of concept & details for CVE-2025-21298☆192Updated 11 months ago
- ☆332Updated 3 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆80Updated 2 months ago
- A command and control framework written in rust.☆383Updated 4 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆160Updated 4 months ago
- ☆48Updated last month
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆247Updated 2 months ago
- ☆136Updated last year
- CVE-2025-33053 Proof Of Concept (PoC)☆63Updated 6 months ago
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Updated 11 months ago