SafeBreach Labs

Popular repositoriesLoading

PoolPartyPoolPartyPublic
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
C++ 1.1k 144
pinjectrapinjectraPublic
Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
C++ 805 157
WindowsDowndateWindowsDowndatePublic
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
Python 653 86
CVE-2024-49113CVE-2024-49113Public
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
Python 485 114
SirepRATSirepRATPublic
Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)
Python 378 89
EDRaserEDRaserPublic
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
Python 353 48

Repositories

Showing 10 of 32 repositories

CVE-2024-49113 Public
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
SafeBreach-Labs/CVE-2024-49113’s past year of commit activity
Python 485BSD-3-Clause 114 6 3 UpdatedJan 2, 2025
WindowsDowndate Public
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
SafeBreach-Labs/WindowsDowndate’s past year of commit activity
Python 653BSD-3-Clause 86 5 0 UpdatedOct 26, 2024
QuickShell Public
A library and a set of tools for exploiting and communicating with Google's Quick Share devices.
SafeBreach-Labs/QuickShell’s past year of commit activity
C++ 36 2 0 0 UpdatedAug 27, 2024
DoubleDrive Public
A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
SafeBreach-Labs/DoubleDrive’s past year of commit activity
Python 123BSD-3-Clause 14 0 0 UpdatedMay 28, 2024
CortexVortex Public
SafeBreach-Labs/CortexVortex’s past year of commit activity
Python 75 9 0 0 UpdatedApr 23, 2024
MagicDot Public
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
SafeBreach-Labs/MagicDot’s past year of commit activity
Python 96BSD-3-Clause 16 0 0 UpdatedApr 18, 2024
EDRaser Public
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual.
SafeBreach-Labs/EDRaser’s past year of commit activity
Python 353BSD-3-Clause 48 0 0 UpdatedApr 6, 2024
PoolParty Public
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
SafeBreach-Labs/PoolParty’s past year of commit activity
C++ 1,073BSD-3-Clause 144 1 0 UpdatedDec 11, 2023
CloudMiner Public
Execute code using Azure Automation service without getting charged
SafeBreach-Labs/CloudMiner’s past year of commit activity
Python 143BSD-3-Clause 19 1 0 UpdatedNov 8, 2023
wd-pretender Public
SafeBreach-Labs/wd-pretender’s past year of commit activity
Python 127BSD-3-Clause 11 1 0 UpdatedAug 9, 2023