Handle-Ripper
BLUESPAWN
Handle-Ripper | BLUESPAWN | |
---|---|---|
2 | 1 | |
189 | 1,205 | |
- | - | |
10.0 | 0.0 | |
over 1 year ago | 9 months ago | |
C++ | C++ | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Handle-Ripper
- Windows handle hijacker
-
PoC of Handle hijacking technique
Handle hijacking is a technique used in Windows operating systems to gain access to resources and resources of a system without permission. It is a type of privilege escalation attack in which a malicious user takes control of an object handle, which is an identifier that is used to reference a system object, such as a file, a directory, a process, or an event. This allows the malicious user to gain access to resources that should be inaccessible to them ,check it out. https://github.com/ZeroMemoryEx/Handle-Ripper
BLUESPAWN
-
Thesis/Project for university
I do a lot of work on an open source anti-virus project (https://github.com/ION28/BLUESPAWN), and we're always looking for new contributors. It's been a great learning experience! Not sure if you need to build something from scratch or not, though.
What are some alternatives?
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
sliver - Adversary Emulation Framework
RIP - Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
TelemetrySourcerer - Enumerate and disable common sources of telemetry used by AV/EDR.
x64dbg - An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
GUI-for-GoodbyeDPI - Anti Censorship Application
WinPriv - WinPriv is a utility that can enable privileges and virtually alter registry settings within a target process, amongst other things.
DripLoader - Evasive shellcode loader for bypassing event-based injection detection (PoC)
tripwire-open-source - Open Source Tripwire®
iMonitorSDK - 系统监控开发套件(sysmon、procmon、edr、终端安全、主机安全、零信任、上网行为管理、沙箱)
sysmon-modular - A repository of sysmon configuration modules