D4m0n/CVE-2025-50168-pwn2own-berlin-2025 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

D4m0n/CVE-2025-50168-pwn2own-berlin-2025

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/D4m0n/CVE-2025-50168-pwn2own-berlin-2025)

Close

D4m0n / CVE-2025-50168-pwn2own-berlin-2025View on GitHubMore

• External links
• Readme badge

CVE-2025-50168 Exploit PoC — Pwn2Own Berlin 2025 - LPE(Windows 11) winning bug.

☆143Nov 3, 2025Updated 5 months ago

Alternatives and similar repositories for CVE-2025-50168-pwn2own-berlin-2025

Users that are interested in CVE-2025-50168-pwn2own-berlin-2025 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mrk336 / CVE-2025-26686-The-TCP-IP-Flaw-That-Opens-the-Gates

  View on GitHub
  A critical RCE vulnerability in Windows TCP/IP stack (CVE-2025-26686) leaves sensitive memory unlocked, allowing remote attackers to hija…
  ☆32Sep 16, 2025Updated 7 months ago
• uf0o / exploit_dev

  View on GitHub
  A collection of various exploits
  ☆29Sep 17, 2024Updated last year
• exploits-forsale / prefetch-tool

  View on GitHub
  Windows KASLR bypass using prefetch side-channel
  ☆179Apr 26, 2024Updated last year
• n132 / RetroverFlow

  View on GitHub
  ☆21Apr 6, 2025Updated last year
• MrAle98 / CVE-2025-21333-POC

  View on GitHub
  POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
  ☆233Apr 12, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• zerozenxlabs / CVE-2023-36424

  View on GitHub
  Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
  ☆131Mar 22, 2024Updated 2 years ago
• Yuri08loveElaina / CVE-2025-49667

  View on GitHub
  Windows Win32 Kernel Subsystem
  ☆37Aug 23, 2025Updated 7 months ago
• HullaBrian / COMmander

  View on GitHub
  .NET tool used to enrich RPC telemetry
  ☆101Jan 24, 2026Updated 2 months ago
• Black-Frost / windows-learning

  View on GitHub
  ☆147Mar 29, 2025Updated last year
• dis0rder0x00 / DbgNexum

  View on GitHub
  Shellcode injection using the Windows Debugging API
  ☆178Jan 4, 2026Updated 3 months ago
• mistymntncop / CVE-2024-7971

  View on GitHub
  ☆34Apr 14, 2025Updated last year
• 7hePr0fess0r / ADCSDevilCOM

  View on GitHub
  A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …
  ☆168Nov 2, 2025Updated 5 months ago
• chompie1337 / Windows_MSKSSRV_LPE_CVE-2023-36802

  View on GitHub
  LPE exploit for CVE-2023-36802
  ☆167Oct 10, 2023Updated 2 years ago
• Offensive-Panda / D3MPSEC

  View on GitHub
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆28Sep 18, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• wh1te4ever / CVE-2025-31258-PoC

  View on GitHub
  1day practice - Escape macOS sandbox (partial) using RemoteViewServices
  ☆45May 12, 2025Updated 11 months ago
• aklnjakln / CVE-2025-6554

  View on GitHub
  ☆30Nov 25, 2025Updated 4 months ago
• hd3s5aa / CVE-2023-21674

  View on GitHub
  ☆38Apr 5, 2024Updated 2 years ago
• connormcgarr / SkBridge

  View on GitHub
  Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1
  ☆78Sep 8, 2025Updated 7 months ago
• 0xOvid / RootkitDiaries

  View on GitHub
  Collection of different rootkit functionality, each driver representing a different rootkit component
  ☆13May 27, 2025Updated 10 months ago
• 0xsch1zo / NullGate

  View on GitHub
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆166Jul 30, 2025Updated 8 months ago
• star-sg / challenges

  View on GitHub
  ☆24Jan 27, 2026Updated 2 months ago
• blasty / printer-cracktro

  View on GitHub
  ☆38Dec 11, 2022Updated 3 years ago
• rycbar77 / V8-Sandbox-Bypass-via-wrapper-and-call-target-mismatch-in-wasm

  View on GitHub
  A V8 Sandbox Escape Technique.
  ☆21Feb 8, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• knight0x07 / NailaoLoader-Hiding-Execution-Flow

  View on GitHub
  NailaoLoader: Hiding Execution Flow via Patching
  ☆23Feb 27, 2025Updated last year
• rycbar77 / CVE-2024-2887

  View on GitHub
  For V8CTF M123
  ☆17Aug 25, 2024Updated last year
• Kyle-Kyle / angry-FSROP

  View on GitHub
  a new class of file structure attacks
  ☆60Nov 19, 2022Updated 3 years ago
• exploits-forsale / 24h2-nt-exploit

  View on GitHub
  Exploit targeting NT kernel in 24H2 Windows Insider Preview
  ☆153Apr 26, 2024Updated last year
• Orange-Cyberdefense / moxpack

  View on GitHub
  A Qemu Proxmox Template builder project using Packer
  ☆74Dec 5, 2025Updated 4 months ago
• JoasASantos / Probabilistic-Call-Stack-PoC

  View on GitHub
  A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…
  ☆24Jan 17, 2026Updated 3 months ago
• bjrjk / CVE-2022-4262

  View on GitHub
  Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.
  ☆107Feb 12, 2025Updated last year
• lsecqt / SessionView

  View on GitHub
  A portable C# utility for enumerating local and remote windows sessions
  ☆57Jan 1, 2026Updated 3 months ago
• ret2 / Pwn2Own-Ireland2024-DiskStation

  View on GitHub
  ☆41Apr 23, 2025Updated 11 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• RonF98 / CVE-2024-43451-POC

  View on GitHub
  CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious…
  ☆15Jan 21, 2025Updated last year
• 474172261 / Helpful-python-scripts

  View on GitHub
  A collection of my scripts for research
  ☆12Jul 28, 2025Updated 8 months ago
• mimorep / Indirect-Shellcode-Executor

  View on GitHub
  Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered b…
  ☆85Nov 15, 2025Updated 5 months ago
• HappyIDA / HappyIDA

  View on GitHub
  Make You Happy!
  ☆279Mar 24, 2026Updated 3 weeks ago
• hunters-sec / CVE-2025-55188-7z-exploit

  View on GitHub
  7z exploit POC versions prior to 25.01
  ☆33Aug 11, 2025Updated 8 months ago
• Offensive-Panda / WPM-MAJIC-ENTRY-POINT-INJECTION

  View on GitHub
  This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…
  ☆18Oct 31, 2024Updated last year
• synacktiv / Windows-kernel-SegmentHeap-Aligned-Chunk-Confusion

  View on GitHub
  PoC exploiting Aligned Chunk Confusion on Windows kernel Segment Heap
  ☆214Jul 2, 2020Updated 5 years ago