wavestone-cdt EDRSandblast issues

wavestone-cdt / EDRSandblast

1.46k stars 272 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Update EDRSandblast_API.c - MiniFilter Callbacks not restored see issue #30

#31 rafaelscheel closed 2 weeks ago
1
EDRSandblast_API does not restore MiniFilter Callbacks

#30 rafaelscheel closed 2 weeks ago
1
UNHOOK_WITH_INHOUSE_NTPROTECTVIRTUALMEMORY_TRAMPOLINE assumes patch starts at function start

#29 rafaelscheel opened 2 months ago
1
Wait for minidump exfiltration before re-enabling the EDR's capabilities

#28 themaks opened 7 months ago
0
Fix typo SentinelOne EDR binary

#27 nuts7 closed 7 months ago
1
Fix current build

#26 laxa closed 7 months ago
1
Update reference to vulnerable driver

#25 maxbeckmann closed 7 months ago
1
Implement userland ETW-Ti impairing

#24 themaks opened 9 months ago
0
TODO: check if 24H2 edition of Windows breaks things in EDRSandblast and fix them if needed

#23 themaks opened 9 months ago
0
WIP: Minifilter handling

#22 themaks closed 9 months ago
1
Rotcipher

#21 nikaiw closed 7 months ago
3
fix syscall dump method

#20 nikaiw closed 7 months ago
1
remove some incorrect offsets

#19 nikaiw closed 10 months ago
1
Project needs to be recompiled if used with a different vulnerable driver

#18 themaks opened 10 months ago
0
New EDR drivers

#17 nuts7 closed 11 months ago
1
Offsets could be incorrect (because of Windows version / file version mismatch)

#16 v1k1ngfr closed 1 year ago
2
Add feature : loading unsigned driver

#15 v1k1ngfr closed 11 months ago
4
Add g_CiOptions offset extract "feature"

#14 v1k1ngfr closed 11 months ago
1
Add g_CiOptions offset extract "feature"

#13 v1k1ngfr closed 1 year ago
1
Fix multiple issues in offsets extractor

#12 laxa closed 11 months ago
1
ExtractOffsets.py fails on linux

#11 laxa closed 1 year ago
4
This should not happen, aborting...

#10 jc1396 closed 11 months ago
9
Support for ObRegisterCallbacks

#9 waawaa closed 2 years ago
2
add new Tehtris driver

#8 xalicex closed 2 years ago
1
Feature Request: MinGW compatibility

#7 sempervictus closed 7 months ago
3
Error Starting Service on Windows 10 Pro 21H2 19044.1586

#6 fin3ss3g0d closed 2 years ago
1
Windows Defender flagging

#5 k4nfr3 closed 2 years ago
1
Cannot bypass Kaspersky

#4 wgetnz closed 2 years ago
2
Can you share the core files ?

#3 827Dream closed 2 years ago
2
Fix potential buffer overrun in credguard disable

#2 JohnLaTwC closed 2 years ago
2
Make extraction of offsets compatible with Linux

#1 zeronounours closed 2 years ago
1