Alternatives and similar repositories for ad-cve-privesc

Users that are interested in ad-cve-privesc are comparing it to the libraries listed below

• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆33Updated last year
• magnusstubman / tokenduplicator
  Tool to start processes as SYSTEM using token duplication
  ☆39Updated 4 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆41Updated last year
• Wh04m1001 / ZoneAlarmEoP
  Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
  ☆26Updated 2 years ago
• TunnelGRE / XOR_NIM_Inject
  Simple shellcode injection in Nim encrypted in XOR
  ☆22Updated last year
• vanhohen / ADNinja
  Active directory Attacks and Scripts
  ☆26Updated last year
• x0xr00t / sl0ppy-defender-evasion
  evasion of defender
  ☆9Updated 2 years ago
• mr-r3b00t / NotProxyShellHunter
  Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082
  ☆26Updated 2 years ago
• y00ga-sec / Forensike
  Remotely dump NT hashes through Windows Crash dumps
  ☆27Updated 8 months ago
• nettitude / CVE-2024-25153
  Proof-of-concept exploit for CVE-2024-25153.
  ☆42Updated last year
• hyd3sec / MultiThreaded_C2_With_Keylogger
  Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil
  ☆21Updated 2 years ago
• S1lkys / CVE-2023-30367-mRemoteNG-password-dumper
  Original PoC for CVE-2023-30367
  ☆14Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆40Updated 11 months ago
• florianib / rusty_drivers
  BYOVD collection
  ☆23Updated last year
• watchtowrlabs / CVE-2025-0282
  Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)
  ☆29Updated 6 months ago
• watchtowrlabs / CVE-2024-50623
  Cleo Unrestricted file upload and download PoC (CVE-2024-50623)
  ☆23Updated 7 months ago
• patrickhener / invictus
  OSED Practice binary
  ☆24Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 9 months ago
• ChoiSG / havoc2nginx
  havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…
  ☆12Updated 2 years ago
• ZephrFish / CVE-2023-20198-Checker
  CVE-2023-20198 & 0Day Implant Scanner
  ☆31Updated 2 months ago
• atabetnouhaila / API-hashing
  ☆18Updated 9 months ago
• gokupwn / shootCutMe
  ShootCutMe an .LNK file creator tool for redteamer
  ☆13Updated 9 months ago
• HackingLZ / TomcatBackdoorPoC
  Tomcat backdoor based on CS blog
  ☆27Updated 2 years ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated 2 years ago
• trevorsaudi / Zero-Import-Malware
  Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…
  ☆39Updated last year
• octopwn / wsnet-dotnet
  ☆13Updated 6 months ago
• Wh04m1001 / PICDumper
  ☆25Updated 3 years ago
• smokeme / ProxyNotShell
  ☆19Updated 2 years ago
• Wh04m1001 / CVE-2022-3368
  ☆29Updated 2 years ago
• MaorSabag / interactive-execute-shellcode
  A simple PoC of injection shellcode into a remote process and get the output using namepipe
  ☆42Updated last year