wavestone-cdt / EDRSandblast (1.46k stars, 272 forks)
issues
Update EDRSandblast_API.c - MiniFilter Callbacks not restored see issue #30
#31
rafaelscheel
closed
2 weeks ago
1
EDRSandblast_API does not restore MiniFilter Callbacks
#30
rafaelscheel
closed
2 weeks ago
1
UNHOOK_WITH_INHOUSE_NTPROTECTVIRTUALMEMORY_TRAMPOLINE assumes patch starts at function start
#29
rafaelscheel
opened
2 months ago
1
Wait for minidump exfiltration before re-enabling the EDR's capabilities
#28
themaks
opened
7 months ago
0
Fix typo SentinelOne EDR binary
#27
nuts7
closed
7 months ago
1
Fix current build
#26
laxa
closed
7 months ago
1
Update reference to vulnerable driver
#25
maxbeckmann
closed
7 months ago
1
Implement userland ETW-Ti impairing
#24
themaks
opened
9 months ago
0
TODO: check if 24H2 edition of Windows breaks things in EDRSandblast and fix them if needed
#23
themaks
opened
9 months ago
0
WIP: Minifilter handling
#22
themaks
closed
9 months ago
1
Rotcipher
#21
nikaiw
closed
7 months ago
3
fix syscall dump method
#20
nikaiw
closed
7 months ago
1
remove some incorrect offsets
#19
nikaiw
closed
10 months ago
1
Project needs to be recompiled if used with a different vulnerable driver
#18
themaks
opened
10 months ago
0
New EDR drivers
#17
nuts7
closed
11 months ago
1
Offsets could be incorrect (because of Windows version / file version mismatch)
#16
v1k1ngfr
closed
1 year ago
2
Add feature : loading unsigned driver
#15
v1k1ngfr
closed
11 months ago
4
Add g_CiOptions offset extract "feature"
#14
v1k1ngfr
closed
11 months ago
1
Add g_CiOptions offset extract "feature"
#13
v1k1ngfr
closed
1 year ago
1
Fix multiple issues in offsets extractor
#12
laxa
closed
11 months ago
1
ExtractOffsets.py fails on linux
#11
laxa
closed
1 year ago
4
This should not happen, aborting...
#10
jc1396
closed
11 months ago
9
Support for ObRegisterCallbacks
#9
waawaa
closed
2 years ago
2
add new Tehtris driver
#8
xalicex
closed
2 years ago
1
Feature Request: MinGW compatibility
#7
sempervictus
closed
7 months ago
3
Error Starting Service on Windows 10 Pro 21H2 19044.1586
#6
fin3ss3g0d
closed
2 years ago
1
Windows Defender flagging
#5
k4nfr3
closed
2 years ago
1
Cannot bypass Kaspersky
#4
wgetnz
closed
2 years ago
2
Can you share the core files ?
#3
827Dream
closed
2 years ago
2
Fix potential buffer overrun in credguard disable
#2
JohnLaTwC
closed
2 years ago
2
Make extraction of offsets compatible with Linux
#1
zeronounours
closed
2 years ago
1