Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 16:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
59 Commits 2 Branches 0 Tags
aa408ced60398356456e102b9e5acdb7cb0f1c8d
Commit Graph

19 Commits

Author SHA1 Message Date
Maxime Meignan 4d2789b21b added a PE_find_static_relative_reference function (not used yet) 
Function that can be used to find cross-references of a global variable
or a function
 2023-10-19 11:20:30 +02:00
Maxime Meignan 02490ec4ca Merge pull request #17 from nuts7/new-edr-drivers 
New EDR drivers
 2023-10-10 16:18:42 +02:00
Maxime Meignan 4d414edb77 Implements a check on PDB files to avoid using an invalid one and crash the machine 
When loading a PDB that was already on disk (not downloaded) for a specific PE,
verifies that the PDB file is indeed for the current version of the target PE.

(Did I just started to write a PDB file parser ?)
 2023-10-10 15:44:20 +02:00
Maxime Meignan 0b0086ea92 cosmetic changes & compiler warnings fixes 2023-10-09 14:57:49 +02:00
Maxime Meignan 43cea1f08b small cleanup in header files 2023-10-06 16:12:52 +02:00
v1k1ngfr 7be844b518 Add feature : loading unsigned driver 2023-10-06 12:48:29 +02:00
v1k1ngfr 0bbe76aab1 New BYOVD-driver support: GDRV.sys (GigaByte) 2023-10-06 12:45:28 +02:00
nuts7 3ed5638366 New EDR drivers 
This commit add some EDR drivers: BDSandBox.sys (BitDefender), MfeEEFF.sys mfprom.sys hdlpflt.sys (McAfee Inc.), TmFileEncDmk.sys (Trend Micro Inc.), psepfilter.sys (Absolute Software), cve.sys (Absolute Software Corp.), medlpflt.sys dsfa.sys cposfw.sys (Check Point Software), cpbak.sys (Checkpoint Software), SISIPSFileFilter.sys (Symantec Corp.), cbstream.sys cbk7.sys (Carbon Black) and dgdmk.sys (Verdasys Inc)
 2023-09-22 16:14:11 +02:00
Maxime Meignan 7572f09ae3 [Bugfix] _fputts did not add a LF 2023-03-16 16:41:29 +01:00
Maxime Meignan f760cd20bf Remove possibility of crash when giving a malformed CSV 2022-11-15 16:38:40 +01:00
Maxime Meignan f1a4d1c38c Fixes a relative/absolute driver path problem with service registering 2022-11-07 16:29:38 +01:00
Maxime Meignan 49fbc5d924 Updated README with ObRegisterCallbacks and offsets retrieval info 2022-08-19 22:20:46 +02:00
Qazeer 48a75a7029 D3FC0N 30 release: Obj callbacks, firewalling, symbols w/ internet, and more 
Co-authored-by: Maxime Meignan <maxime.meignan@wavestone.com>
 2022-08-13 09:23:48 -07:00
Maxime Meignan 31df6f1db8 Fixes an error in CLI handling 2022-01-27 11:03:37 +01:00
Maxime Meignan d29986ab80 Improved error verbosity 2022-01-17 17:19:21 +01:00
Maxime Meignan fa75dd9ec1 Header inclusion feng-shui (each file only includes what it needs) 2021-12-31 17:29:14 +01:00
Maxime Meignan 907d6b0a87 Cleaning up some code 2021-11-10 16:19:41 +01:00
Qazeer 9957b7a38e Adds randomization of service name 2021-11-10 01:12:48 +01:00
Maxime Meignan 4bff81986b Initial commit for public version 
Co-authored-by: Thomas Diot <thomas.diot@wavestone.com>
 2021-11-08 09:54:05 +01:00