Crowdfense / CVE-2024-21338
Windows AppLocker Driver (appid.sys) LPE
☆30Updated last month
Related projects: ⓘ
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆18Updated last year
- ☆33Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆41Updated 6 months ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated 10 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆34Updated 9 months ago
- Section-based payload obfuscation technique for x64☆59Updated last month
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆20Updated this week
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆30Updated 5 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆29Updated 10 months ago
- ☆28Updated this week
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated last week
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆30Updated last month
- Command and Control☆23Updated last month
- shell code example☆10Updated 3 weeks ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆38Updated this week
- a demo module for the kaine agent to execute and inject assembly modules☆33Updated 3 weeks ago
- ☆27Updated 3 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆50Updated last year
- ☆26Updated 2 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆18Updated 11 months ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆36Updated 8 months ago
- ☆18Updated last month
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 4 months ago
- A direct improvement to remote TLS Injection.☆15Updated 3 months ago
- A simple rpc2socks alternative in pure Go.☆23Updated 2 months ago
- ☆25Updated this week