issues
search
Neo23x0
/
Raccine
A Simple Ransomware Vaccine
The Unlicense
942
stars
123
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Update Raccine.sln
#35
JohnLaTwC
closed
3 years ago
0
Update raccine.cpp
#34
JohnLaTwC
closed
3 years ago
0
Patch PowerShell downgrade attacks (bypassing the newer security features)
#33
Omodaka9375
closed
3 years ago
0
GUI branch doesn't compile
#32
Eran-YT
closed
3 years ago
1
Create handle wrapper
#31
Eran-YT
closed
3 years ago
7
Code refactors
#30
Eran-YT
closed
3 years ago
5
Update raccine.cpp
#29
JohnLaTwC
closed
3 years ago
0
Convert code to modern C++
#28
Eran-YT
closed
3 years ago
3
Update raccine.cpp
#27
JohnLaTwC
closed
3 years ago
0
Create Raccine.ADML
#26
JohnLaTwC
closed
3 years ago
0
Create Raccine.ADMX
#25
JohnLaTwC
closed
3 years ago
0
Update raccine.cpp
#24
JohnLaTwC
closed
3 years ago
0
Added patch for DiskShadow.exe, fixed -quiet /quiet
#23
Omodaka9375
closed
3 years ago
1
Mordor Project - Contributing Data Samples (Simulation Mode)
#22
Cyb3rWard0g
closed
3 years ago
0
Update raccine.cpp
#21
JohnLaTwC
closed
3 years ago
3
Update raccine.cpp
#20
JohnLaTwC
closed
3 years ago
1
Added logger file, patched /e arg
#19
Omodaka9375
closed
3 years ago
2
Update raccine.cpp
#18
JohnLaTwC
closed
3 years ago
1
Check against encoded payload and Win32_Shadowcopy access
#17
Omodaka9375
closed
3 years ago
0
Add support for bcdedit exploit
#16
Omodaka9375
closed
3 years ago
0
Too easily bypassed
#15
ghost
opened
3 years ago
3
A few assorted fixes and cleanups
#14
hillu
closed
3 years ago
0
Added a check for 'delete shadowstorage'
#13
JohnLaTwC
closed
3 years ago
0
email?
#12
METMECIT
closed
3 years ago
1
Consider Parent PID spoofing
#11
JohnLaTwC
opened
3 years ago
5
Check for allocation success before using buffer.
#10
JohnLaTwC
closed
3 years ago
1
IntegrityLevel returns High (3) for SECURITY_MANDATORY_SYSTEM_RID IL processes because of >= check.
#9
JohnLaTwC
closed
3 years ago
1
Pragma comment to fix the advapi32.lib linking issue
#8
olliencc
closed
3 years ago
0
Fix a bug, add explorer.exe to the allowlist and add integrity level checks
#7
olliencc
closed
3 years ago
0
Raccine could also verify the process integrity level when comparing a suspect process with the allowlist
#6
247arjun
closed
3 years ago
1
Fix bug, add event logging and block Adam loop hole
#5
olliencc
closed
3 years ago
0
allowlist should use the full file path of allowed EXEs (instead of just EXE name)
#4
247arjun
closed
3 years ago
0
Add an eventlog message, close loophole and fix a bug
#3
olliencc
closed
3 years ago
0
Hack to stop Image Execution Options invoking on the spawned version
#2
olliencc
closed
3 years ago
0
Added feature #1 - allow certain vssadmin execution
#1
olliencc
closed
3 years ago
0
Previous