Windows AppLocker Driver (appid.sys) LPE
☆75Jul 29, 2024Updated last year
Alternatives and similar repositories for CVE-2024-21338
Users that are interested in CVE-2024-21338 are comparing it to the libraries listed below
Sorting:
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- ☆22Jan 15, 2025Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- ☆79Aug 5, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- BYOVD Technique Example using viragt64 driver☆73Jul 25, 2024Updated last year
- Proof-of-Concept for CVE-2024-21345☆77Apr 26, 2024Updated last year
- Windows LPE☆139Jun 11, 2024Updated last year
- C++ Staged Shellcode Loader with Evasion capabilities.☆96Oct 7, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- ☆55Sep 13, 2022Updated 3 years ago
- ☆146Mar 29, 2025Updated 11 months ago
- A repository with my code snippets for research/education purposes.☆53Jul 28, 2023Updated 2 years ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆299Jul 31, 2024Updated last year
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…☆462Aug 17, 2024Updated last year
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆59Sep 7, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- ☆125Sep 5, 2024Updated last year
- A local privilege escalation vulnerability in VMware vCenter Server (and VMware Cloud Foundation) caused by a misconfiguration of sudo, a…☆58Jul 9, 2024Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆137Aug 10, 2024Updated last year
- PoC for the Veeam Recovery Orchestrator Authentication CVE-2024-29855☆20Jun 17, 2024Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆200Nov 12, 2024Updated last year
- PfSense Stored XSS lead to Arbitrary Code Execution exploit☆50Jan 12, 2025Updated last year
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆41Jul 29, 2025Updated 7 months ago
- ☆147Oct 29, 2024Updated last year
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- ☆12Jan 10, 2025Updated last year
- ☆267Jul 8, 2025Updated 7 months ago
- 该漏洞存在于 NtQueryInformationToken 函数中,特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。☆40Jul 5, 2024Updated last year
- Evasive shellcode loader☆401Oct 17, 2024Updated last year
- TypeLib persistence technique☆140Oct 22, 2024Updated last year