CVE-2026-41089 PoC — Netlogon CLDAP stack buffer overflow (CVSS 9.8 CRITICAL)
☆207Jun 2, 2026Updated last month
Alternatives and similar repositories for CVE-2026-41089
Users that are interested in CVE-2026-41089 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Full exploit code for CVE-2026-40369 - A Windows kernel arbitrary write vulnerability that allows browser sandbox escape from all browser…☆254May 18, 2026Updated last month
- Code and data for our paper "Onelogon: Taking over Active Directory Accounts via Netlogon" (WOOT’26).☆107Jun 22, 2026Updated 3 weeks ago
- CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer☆74May 6, 2026Updated 2 months ago
- Dump TGTs remotely and convert Windows' klist binary output to ccache.☆80Jun 30, 2026Updated 2 weeks ago
- Multi-architecture Linux privilege escalation toolkit with 24 pre-built and runtime-compilable exploits. Auto-detects kernel version, fil…☆303Jul 7, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆85Mar 15, 2026Updated 3 months ago
- Extract Windows credentials directly from VM memory snapshots and virtual disks☆1,415Jun 7, 2026Updated last month
- PoC for exploiting CVE-2026-26128.☆62May 6, 2026Updated 2 months ago
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- PoC: fully unprivileged container escape to node-level code execution on Kubernetes via CVE-2026-31431 page-cache corruption + shared ima…☆181May 7, 2026Updated 2 months ago
- Havoc BOF implementation of BYOVD attack to terminate PPL-protected EDR processes using a signed Microsoft kernel driver.☆39Apr 6, 2026Updated 3 months ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- Another BYOVD process killer. works on all EDR's. fully signed.☆285May 19, 2026Updated last month
- RoguePlanet Windows Defender Vulnerability☆1,531Jun 9, 2026Updated last month
- KslDump — Why bring your own knife when Defender already left one in the kitchen?☆392Apr 13, 2026Updated 3 months ago
- poc it like it's hot☆839Jun 30, 2026Updated 2 weeks ago
- Drupal Core PostgreSQL SQL Injection PoC - CVE-2026-9082. Ethical PoC for the Drupal vulnerability allowing anonymous SQL injection throu…☆19May 21, 2026Updated last month
- Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.☆204Jun 13, 2026Updated last month
- ☆68Jun 1, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- GreatXML bitlocker bypass vulnerability☆596Jun 11, 2026Updated last month
- ☆40Jun 4, 2026Updated last month
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆370Dec 13, 2025Updated 7 months ago
- windows api bug☆39May 24, 2026Updated last month
- EDRUnChoker - fileless WMI defense that removes EDRChoker QoS throttling policies☆43Jun 8, 2026Updated last month
- A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.☆300Jun 13, 2026Updated last month
- Combining KslDump and GhostKatz to dump LSASS using no-fix KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest clea…☆73Mar 25, 2026Updated 3 months ago
- A POC tool for exploring dev-tunnels☆66May 5, 2026Updated 2 months ago
- TongWebEJB漏洞利用工具☆26Apr 24, 2026Updated 2 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- POCs to demonstrate CVE-2026-42167 in ProFTPD☆23Apr 29, 2026Updated 2 months ago
- Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advance…☆113Jun 30, 2026Updated 2 weeks ago
- Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.☆751May 15, 2026Updated last month
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- WebStrike 是一套以 Chromium 系浏览器扩展(Manifest V3) 为受控端点的指挥与控制(C2)套件。与传统以进程/驱动为主的 C2 相比,其工作重心落在 浏览器安全域:在合规授权与攻防演练场景下,可显著降低与终端 EDR 在 进程注入、驱动、内核回调…☆58Updated this week
- a minimal, position-independent C shellcode framework for Windows x64. compiles entirely on Linux☆61Jun 13, 2026Updated last month