Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 16:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d2789b21b4ef48b1757bcb63dce5cdbf1a121f9
wavestone-cdt-edrsandblast/EDRSandblast/EDRSandblast.vcxproj.filters
T
Maxime Meignan 4d414edb77 Implements a check on PDB files to avoid using an invalid one and crash the machine 
When loading a PDB that was already on disk (not downloaded) for a specific PE,
verifies that the PDB file is indeed for the current version of the target PE.

(Did I just started to write a PDB file parser ?)
2023-10-10 15:44:20 +02:00

263 lines
9.0 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="LSASSProtectionBypass\CredGuard.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="LSASSProtectionBypass\RunAsPPL.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\KernelMemoryPrimitives.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\DriverOps.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\FileVersion.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\KernelPatternSearch.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\NtoskrnlOffsets.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\WdigestOffsets.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\FirewallOps.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\IsEDRChecks.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\IsElevatedProcess.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\WindowsServiceOps.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\SignatureOps.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="KernellandBypass\ETWThreatIntel.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="KernellandBypass\KernelCallbacks.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="UserlandBypass\Firewalling.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="UserlandBypass\UserlandHooks.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\PdbSymbols.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\HttpClient.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\FileUtils.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="KernellandBypass\ObjectCallbacks.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\SW2_Syscalls.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="KernellandBypass\KernelUtils.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Drivers\DriverRTCore.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\SyscallProcessUtils.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Drivers\DriverDBUtil.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\StringUtils.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\PEParser.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\PEBBrowse.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\RemotePEBBrowser.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\ListUtils.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="UserlandBypass\Syscalls.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\ProcessDump.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="UserlandBypass\ProcessDumpDirectSyscalls.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\CiOffsets.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Drivers\DriverGDRV.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="KernellandBypass\KernelDSE.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Utils\PdbParser.c">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="Includes\CredGuard.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\RunAsPPL.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\KernelMemoryPrimitives.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\DriverOps.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\FileVersion.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\KernelPatternSearch.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\NtoskrnlOffsets.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\WdigestOffsets.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\KernelCallbacks.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\ETWThreatIntel.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\PEBBrowse.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\PEParser.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\Undoc.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\Undoc_64.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\UserlandHooks.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\Firewalling.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\FirewallOps.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\IsElevatedProcess.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\WindowsServiceOps.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\SignatureOps.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\IsEDRChecks.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\PdbSymbols.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\HttpClient.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\FileUtils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\ObjectCallbacks.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\KernelUtils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\DriverRTCore.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\DriverDBUtil.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\SyscallProcessUtils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\SW2_Syscalls.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\StringUtils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\RemotePEBBrowser.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\ListUtils.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\Syscalls.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\ProcessDump.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\ProcessDumpDirectSyscalls.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\CiOffsets.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\KernelDSE.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\DriverGDRV.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\PrintFunctions.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="Includes\PdbParser.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<MASM Include="Utils\SW2_Syscalls_stubs.x64.asm">
<Filter>Source Files</Filter>
</MASM>
</ItemGroup>
</Project>
Reference in New Issue View Git Blame Copy Permalink