Alternatives and similar repositories for windows-sandbox-init

Users that are interested in windows-sandbox-init are comparing it to the libraries listed below

• Teach2Breach / Tempest
  A command and control framework written in rust.
  ☆343Updated 2 months ago
• dhmosfunk / 7-Zip-CVE-2025-0411-POC
  This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
  ☆131Updated 2 months ago
• OtterHacker / Conferences
  ☆301Updated 6 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆266Updated 7 months ago
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆100Updated 2 months ago
• Helixo32 / CrimsonEDR
  Simulate the behavior of AV/EDR for malware development training.
  ☆524Updated last year
• Offensive-Panda / ShadowDumper
  Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…
  ☆533Updated last month
• logangoins / Krueger
  Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
  ☆355Updated 4 months ago
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆171Updated last month
• vxCrypt0r / Voidmaw
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆308Updated 7 months ago
• rad9800 / BootExecuteEDR
  ☆356Updated 5 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆162Updated last month
• Meowmycks / LetMeowIn
  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
  ☆408Updated 10 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆126Updated 2 years ago
• Dump-GUY / EXE-or-DLL-or-ShellCode
  Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  ☆156Updated 8 months ago
• ElJaviLuki / CobaltStrike_OpenBeacon
  Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…
  ☆227Updated last year
• floesen / EventLogCrasher
  ☆187Updated last year
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆409Updated 9 months ago
• 0x6rss / CVE-2025-24071_PoC
  CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File
  ☆278Updated last month
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆149Updated 7 months ago
• lolc2 / lolc2.github.io
  lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
  ☆204Updated 2 weeks ago
• MaorSabag / TrueSightKiller
  CPP AV/EDR Killer
  ☆410Updated last year
• FalconOpsLLC / goexec
  Windows remote execution multitool
  ☆476Updated last week
• 0xdea / blindsight
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆227Updated 4 months ago
• BlackSnufkin / Invoke-DumpMDEConfig
  PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…
  ☆148Updated 11 months ago
• EvilBytecode / EDR-XDR-AV-Killer
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆273Updated 3 weeks ago
• m417z / CVE-2023-36003-POC
  Privilege escalation using the XAML diagnostics API (CVE-2023-36003)
  ☆92Updated last year
• ynwarcs / CVE-2025-21298
  Proof of concept & details for CVE-2025-21298
  ☆180Updated 3 months ago
• AmberWolfCyber / NachoVPN
  A delicious, but malicious SSL-VPN server 🌮
  ☆219Updated 5 months ago
• fin3ss3g0d / StoneKeeper
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆201Updated 4 months ago