CERTCC / privesc
Process Monitor filter for finding privilege escalation vulnerabilities on Windows
☆79, updated 3 years ago
Alternatives and similar repositories for privesc:
Users that are interested in privesc are comparing it to the libraries listed below
- ☆55, updated 3 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process (☆100, updated 2 years ago)
- A BOF to interact with COM objects associated with the Windows software firewall. (☆103, updated 3 years ago)
- AMSI Bypass Via the Heap (☆106, updated 4 years ago)
- A tool to create COM class/interface relationships in neo4j (☆48, updated 2 years ago)
- MiniDumpWriteDump behavior modification hook (☆50, updated 4 years ago)
- ☆68, updated 3 years ago
- A module for CME that spiders across a domain. (☆35, updated 2 years ago)
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla… (☆121, updated 3 years ago)
- credential dump using Forshaw technique using SeTrustedCredmanAccessPrivilege (☆123, updated 3 years ago)
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writing the minidump to disk and exfiltrating it via HTTPS us… (☆70, updated 4 years ago)
- A C implementation of the Sektor7 "A Thief" Windows privesc technique. (☆62, updated 3 years ago)
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe. (☆37, updated 5 years ago)
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1 (☆53, updated 3 years ago)
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged (☆86, updated 2 years ago)
- Quickly search for references to a GUID in DLLs, EXEs, and drivers (☆74, updated 3 years ago)
- Random (☆33, updated 2 years ago)
- ☆37, updated 2 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post (☆122, updated 3 years ago)
- ☆69, updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post (☆124, updated 2 years ago)
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler. (☆53, updated 3 years ago)
- this repo is to cover the other undocumented or published / in different language to achieve shellcode injection via windows callback func… (☆86, updated 2 years ago)
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR (☆99, updated 3 years ago)
- Unchain AMSI by patching the provider’s unmonitored memory space (☆89, updated 2 years ago)
- ☆57, updated 3 years ago
- ☆42, updated 2 years ago
- A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis. (☆85, updated 3 years ago)
- ☆82, updated 7 months ago
- Tradecraft Development Fundamentals (☆40, updated 3 years ago)