Add google/sandbox-attacksurface-analysis-tools

2024-06-29 15:12:09 +00:00 · 2017-11-19 23:44:19 +07:00 · 2017-11-19 23:44:19 +07:00 · 6884954db0
commit 6884954db0
parent 382fec955f
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -541,6 +541,10 @@ My curated list of awesome links, resources and tools
        <td><a href="https://github.com/api0cradle/UltimateAppLockerByPassList">api0cradle/UltimateAppLockerByPassList</a></td>
        <td>The goal of this repository is to document the most common techniques to bypass AppLocker.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/google/sandbox-attacksurface-analysis-tools">google/sandbox-attacksurface-analysis-tools</a></td>
+        <td>This is a small suite of tools to test various properties of sandboxes on Windows. Many of the checking tools take a -p flag which is used to specify the PID of a sandboxed process. The tool will impersonate the token of that process and determine what access is allowed from that location. Also it's recommended to run these tools as an administrator or local system to ensure the system can be appropriately enumerated.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/hlldz/Invoke-Phant0m">hlldz/Invoke-Phant0m</a></td>
        <td>Windows Event Log Killer</td>