jm33-m0 / windows-sandbox-initLinks
Rapidly initialize Windows Sandbox for malware analysis and reverse engineering
☆145Updated 2 weeks ago
Alternatives and similar repositories for windows-sandbox-init
Users that are interested in windows-sandbox-init are comparing it to the libraries listed below
Sorting:
- Windows Persistence IT-Security☆108Updated 9 months ago
- This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.☆151Updated 9 months ago
- Exploit for CVE-2025-11001 or CVE-2025-11002☆143Updated last month
- Enumerate active EDR's on the system☆146Updated 2 months ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆255Updated last year
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆146Updated 8 months ago
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆250Updated 6 months ago
- Proof of concept & details for CVE-2025-21298☆191Updated 10 months ago
- A collection of tools and detections for the Sliver C2 Frameworj☆133Updated 2 years ago
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆136Updated 11 months ago
- We found a way to DLL sideload with cleanmgr.exe☆95Updated 9 months ago
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…☆403Updated last month
- A reference of Windows API function calls, including functions for file operations, process management, memory management, thread managem…☆113Updated 2 years ago
- PoC for CVE-2025-22457 - A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Pulse Connect Secure, Ivan…☆70Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Nameless C2 - A C2 with all its components written in Rust☆281Updated last year
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆252Updated 2 months ago
- ☆255Updated 5 months ago
- Detect WFP filters blocking EDR communications☆95Updated last year
- ☆137Updated last year
- ☆123Updated last year
- ☆330Updated 3 months ago
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆169Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆242Updated last month
- SharePoint WebPart Injection Exploit Tool☆305Updated 2 weeks ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…☆90Updated 7 months ago
- ☆163Updated 2 years ago
- CVE-2025-33053 Proof Of Concept (PoC)☆62Updated 5 months ago
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection☆251Updated 6 months ago
- Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762☆106Updated last year