jm33-m0 / windows-sandbox-init
Rapidly initialize Windows Sandbox for malware analysis and reverse engineering
☆134 Updated 3 months ago
Alternatives and similar repositories for windows-sandbox-init
Users that are interested in windows-sandbox-init are comparing it to the libraries listed below
- ☆303 Updated 6 months ago
- ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native exec… ☆257 Updated last month
- A command and control framework written in Rust. ☆345 Updated 3 months ago
- Nameless C2 - A C2 with all its components written in Rust ☆267 Updated 8 months ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC ☆359 Updated 5 months ago
- This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass. ☆132 Updated 3 months ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu… ☆231 Updated last year
- A collection of tools and detections for the Sliver C2 Framework ☆126 Updated 2 years ago
- Windows Persistence IT-Security ☆99 Updated 2 months ago
- Proof of concept & details for CVE-2025-21298 ☆182 Updated 4 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64. ☆409 Updated 10 months ago
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat… ☆174 Updated last month
- ☆368 Updated 5 months ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance… ☆537 Updated 2 weeks ago
- Simulate the behavior of AV/EDR for malware development training. ☆528 Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆262 Updated 2 months ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver ☆274 Updated last month
- Tools for analyzing EDR agents ☆228 Updated 11 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆416 Updated 10 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY ☆193 Updated last month
- A PowerShell console in C/C++ with all the security features disabled ☆244 Updated 2 weeks ago
- A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Paylo… ☆168 Updated 3 months ago
- ☆233 Updated last year
- Privilege escalation using the XAML diagnostics API (CVE-2023-36003) ☆92 Updated last year
- PoC for the Untrusted Pointer Dereference in the ks.sys driver ☆280 Updated 6 months ago
- ☆251 Updated 10 months ago
- Collect Windows telemetry for Maldev ☆352 Updated 3 months ago
- I will be uploading all the codes which I created with the help of either open-source projects or blogs. This is a step by step EDR learning … ☆274 Updated last year
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File ☆301 Updated 2 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… ☆118 Updated 2 weeks ago