SafeBreach Labs

All

31 repositories

WindowsDowndate
Public
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
Python
•
BSD 3-Clause "New" or "Revised" License
•78•602•3•0•Updated Oct 26, 2024Oct 26, 2024
QuickShell
Public
A library and a set of tools for exploiting and communicating with Google's Quick Share devices.
C++
•1•32•0•0•Updated Aug 27, 2024Aug 27, 2024
DoubleDrive
Public
A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
Python
•
BSD 3-Clause "New" or "Revised" License
•14•123•0•0•Updated May 28, 2024May 28, 2024
CortexVortex
Public
Python
•9•72•0•0•Updated Apr 23, 2024Apr 23, 2024
MagicDot
Public
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
Python
•
BSD 3-Clause "New" or "Revised" License
•15•95•0•0•Updated Apr 18, 2024Apr 18, 2024
EDRaser
Public
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
Python
•
BSD 3-Clause "New" or "Revised" License
•46•342•0•0•Updated Apr 6, 2024Apr 6, 2024
PoolParty
Public
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
C++
•
BSD 3-Clause "New" or "Revised" License
•132•952•1•0•Updated Dec 11, 2023Dec 11, 2023
CloudMiner
Public
Execute code using Azure Automation service without getting charged
Python
•
BSD 3-Clause "New" or "Revised" License
•17•138•1•0•Updated Nov 8, 2023Nov 8, 2023
wd-pretender
Public
Python
•
BSD 3-Clause "New" or "Revised" License
•10•120•1•0•Updated Aug 9, 2023Aug 9, 2023
moovit_api_scripts
Public
Python
•
BSD 3-Clause "New" or "Revised" License
•1•4•0•0•Updated Jul 19, 2023Jul 19, 2023
aikido_wiper
Public
Python
•
BSD 3-Clause "New" or "Revised" License
•17•64•0•0•Updated Dec 9, 2022Dec 9, 2022
CoWTools
Public
Tools for analyzing Windows containers and break container's isolation
C++
•
BSD 3-Clause "New" or "Revised" License
•11•27•0•0•Updated Aug 2, 2022Aug 2, 2022
pinjectra
Public
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
C++
•
BSD 3-Clause "New" or "Revised" License
•157•790•2•0•Updated Mar 10, 2022Mar 10, 2022
SimpleBITSServer
Public
A simple python implementation of a BITS server.
Python
•
BSD 3-Clause "New" or "Revised" License
•23•104•1•1•Updated Mar 6, 2022Mar 6, 2022
Back2TheFuture
Public
Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.
pattern-matching ida-pro windows-updates ida-python binary-comparisons defcon29 0-day
C
•
BSD 3-Clause "New" or "Revised" License
•32•175•0•0•Updated Aug 9, 2021Aug 9, 2021
hAFL2
Public
A kAFL based hypervisor fuzzer which fully supports nested VMs
Python
•
BSD 3-Clause "New" or "Revised" License
•16•134•2•0•Updated Jul 28, 2021Jul 28, 2021
SirepRAT
Public
Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
raspberry-pi exploit raspberrypi rce iot-core windows-iot
Python
•
BSD 3-Clause "New" or "Revised" License
•86•373•0•0•Updated Dec 13, 2020Dec 13, 2020
Spooler
Public
C
•
BSD 3-Clause "New" or "Revised" License
•12•58•1•0•Updated Aug 7, 2020Aug 7, 2020
RSFW
Public
Request Smuggling Firewall
C++
•
BSD 3-Clause "New" or "Revised" License
•8•46•0•0•Updated Jul 20, 2020Jul 20, 2020
HRS
Public
Perl
•
BSD 3-Clause "New" or "Revised" License
•8•49•0•0•Updated Jul 20, 2020Jul 20, 2020
backdoros
Public
backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
python in-memory redteam fileless
Python
•
BSD 3-Clause "New" or "Revised" License
•11•67•1•0•Updated Oct 10, 2019Oct 10, 2019
BITSInject
Public
A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as the NT AUTHORITY/SYSTEM account
Python
•
BSD 3-Clause "New" or "Revised" License
•18•98•0•0•Updated Aug 24, 2019Aug 24, 2019
AltFS
Public
The Alternative Fileless File System
Python
•
BSD 3-Clause "New" or "Revised" License
•13•55•0•1•Updated Apr 4, 2019Apr 4, 2019
BACE
Public
Mapping of Binaries that allows Arbitrary Code Execution
8•23•0•0•Updated May 10, 2018May 10, 2018
blog-snippets
Public
Repository of Code Snippets from various SafeBreach Blog posts
Python
•
BSD 3-Clause "New" or "Revised" License
•2•5•0•0•Updated Mar 20, 2018Mar 20, 2018
mkmalwarefrom
Public
Proof-of-concept two-stage dropper generator that uses bits from external sources
Python
•
BSD 3-Clause "New" or "Revised" License
•21•97•0•0•Updated Nov 29, 2017Nov 29, 2017
spacebin
Public
Spacebin is a proof-of-concept malware that exfiltrates data (from No Direct Internet Access environments) via triggering AV on the endpoint and then communicating back from the AV's cloud component.
Python
•
BSD 3-Clause "New" or "Revised" License
•16•84•0•0•Updated Jul 30, 2017Jul 30, 2017
cachetalk
Public
Proof-of-concept program that is able to read and write arbitrary bits using HTTP server-side caching
Python
•
BSD 3-Clause "New" or "Revised" License
•12•34•0•0•Updated Jul 14, 2017Jul 14, 2017
pyekaboo
Public
Proof-of-concept program that is able to to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable
Python
•
BSD 3-Clause "New" or "Revised" License
•29•151•1•0•Updated May 4, 2017May 4, 2017
pwndsh
Public
Post-exploitation framework (and an interactive shell) developed in Bash shell scripting
Shell
•
BSD 3-Clause "New" or "Revised" License
•45•312•3•0•Updated Oct 22, 2016Oct 22, 2016