jm33-m0 / windows-sandbox-initLinks
Rapidly initialize Windows Sandbox for malware analysis and reverse engineering
☆142Updated 7 months ago
Alternatives and similar repositories for windows-sandbox-init
Users that are interested in windows-sandbox-init are comparing it to the libraries listed below
Sorting:
- A collection of tools and detections for the Sliver C2 Frameworj☆129Updated 2 years ago
- Windows Persistence IT-Security☆105Updated 6 months ago
- This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.☆140Updated 6 months ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆248Updated last year
- Enumerate active EDR's on the system☆107Updated last month
- Nameless C2 - A C2 with all its components written in Rust☆275Updated last year
- We found a way to DLL sideload with cleanmgr.exe☆94Updated 7 months ago
- Proof of concept & details for CVE-2025-21298☆189Updated 8 months ago
- ☆322Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- Privilege escalation using the XAML diagnostics API (CVE-2023-36003)☆94Updated last year
- A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Cal…☆225Updated 3 months ago
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆144Updated 6 months ago
- ☆326Updated this week
- ☆241Updated 2 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆238Updated last month
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆135Updated 9 months ago
- EDR-Freeze is a tool that puts a process of EDR, AntiMalware into a coma state.☆245Updated last week
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆159Updated last year
- A tool to transform Chromium browsers into a C2 Implant☆473Updated 3 weeks ago
- ☆234Updated 2 years ago
- A command and control framework written in rust.☆370Updated 3 weeks ago
- Detect WFP filters blocking EDR communications☆93Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆237Updated 8 months ago
- Tools for analyzing EDR agents☆249Updated last year
- Different methods to get current username without using whoami☆178Updated last year
- ☆402Updated 9 months ago
- ☆67Updated last year
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.☆300Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year