EDRSandblast
By wavestone-cdt
lazy_importer
Library for importing functions from DLLs in a hidden, reverse-engineer-unfriendly way (by JustasMasiulis)
| | EDRSandblast | lazy_importer |
|---|---|---|
| Mentions | 5 | 1 |
| Stars | 1,365 | 1,503 |
| Growth | - | - |
| Activity | 7.9 | 4.2 |
| Last commit | 4 months ago | 10 months ago |
| Language | C | C++ |
| License | - | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
EDRSandblast
Posts with mentions or reviews of EDRSandblast. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-12-07.
- GitHub - wavestone-cdt/EDRSandblast - PoC & Guide: Windows EDR bypass through Kernel callbacks removal
- Has testing been done against new EDR Evasion tool - EDRSandBlast
- EDrSandBlast Tool
- EDRSandblast: EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (kernel callbacks and the ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
- PoC & Guide: Windows EDR bypass through Kernel callbacks removal
- EDRSandBlast - A tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (kernel callbacks and the ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
lazy_importer
Posts with mentions or reviews of lazy_importer. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-12-07.
What are some alternatives?
When comparing EDRSandblast and lazy_importer you can also consider the following projects:
WechatExporter - Wechat Chat History Exporter (WeChat chat history export and backup program)
vmpfix - Universal x86/x64 VMProtect 2.0-3.X Import fixer
R3nzSkin - Skin changer for League of Legends (LOL)
llvm-string-obfuscator - LLVM String Obfuscator
inline_syscall - Inline syscalls made easy for windows on clang
UBoat - HTTP Botnet
peekaboo - Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Osiris - Cross-platform game hack for Counter-Strike 2 with Panorama-based GUI.
gta5view - Open Source Snapmatic and Savegame viewer/editor for GTA V
de4py - toolkit for python reverse engineering