Add: wavestone-cdt/EdrSandblast to Defense Evasion section

2025-01-10 15:19:28 -05:00 · 2021-12-07 13:45:47 +07:00 · 2021-12-07 13:45:47 +07:00 · ccd6bcbda5
commit ccd6bcbda5
parent f1dcd1ed10
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1641,6 +1641,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/Wra7h/Single-Dose">Wra7h/Single-Dose</a></td>
        <td>Generate process injection binaries</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/wavestone-cdt/EdrSandblast">wavestone-cdt/EdrSandblast</a></td>
+        <td>EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Kernel callbacks and ETW TI provider) and LSASS protections</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/xct/morbol">xct/morbol</a></td>
        <td>Simple AV Evasion for PE Files</td>