tux3 / crowdstrike-cloudproto
Async Rust support for the reverse-engineered CrowdStrike Falcon protocol between the Sensor and cloud services
☆9 Updated last year
Alternatives and similar repositories for crowdstrike-cloudproto:
Users that are interested in crowdstrike-cloudproto are comparing it to the libraries listed below
- ☆25 Updated 2 years ago
- Dangling COM Keys Finder ☆15 Updated 3 years ago
- ☆26 Updated 3 months ago
- really ? ☆12 Updated 11 months ago
- A Practical example of ELAM (Early Launch Anti-Malware) ☆33 Updated 3 years ago
- Slides from various conference talks ☆36 Updated last year
- An example of how to use Microsoft Windows Warbird technology ☆27 Updated last year
- ☆24 Updated 3 years ago
- ☆19 Updated last year
- Extract data of TTD trace file to a minidump ☆28 Updated last year
- Subtract one PE file from another! ☆20 Updated 3 years ago
- run process as PPL Antimalware ☆11 Updated last year
- ☆18 Updated 5 years ago
- ☆10 Updated 5 years ago
- ☆15 Updated 4 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds ☆39 Updated 9 months ago
- Using Thread Description To Hide Shellcodes ☆14 Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich ☆14 Updated 7 months ago
- ☆14 Updated last year
- ☆12 Updated 2 years ago
- d ☆13 Updated last year
- ☆22 Updated last year
- ☆12 Updated last year
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja ☆11 Updated 6 months ago
- Code Integrity Violation Spotter ☆17 Updated 7 months ago
- A PoC tool for exploiting leaked process and thread handles ☆30 Updated 11 months ago
- ☆8 Updated this week
- Simple tool that uses LsaManageSidNameMapping to get LSA to add or remove SID-to-name mappings. ☆23 Updated 4 years ago
- Windows x64 Process Scanner to detect application compatibility shims ☆36 Updated 6 years ago
- ☆20 Updated 3 years ago