KaLendsi / CVE-2022-21882
win32k LPE
☆461Updated 3 years ago
Alternatives and similar repositories for CVE-2022-21882:
Users that are interested in CVE-2022-21882 are comparing it to the libraries listed below
- Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)☆785Updated 3 years ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆416Updated 3 years ago
- some gadgets about windows process and ready to use :)☆583Updated last year
- HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907☆361Updated 3 years ago
- ☆507Updated 3 years ago
- PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"☆307Updated 3 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆486Updated 3 years ago
- A protective and Low Level Shellcode Loader that defeats modern EDR systems.☆902Updated 11 months ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,296Updated last year
- This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.☆272Updated 3 years ago
- A small POC to make defender useless by removing its token privileges and lowering the token integrity☆681Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆756Updated last year
- Framework for Kerberos relaying☆893Updated 2 years ago
- Self-developed tools for Lateral Movement/Code Execution☆702Updated 3 years ago
- PIC lsass dumper using cloned handles☆579Updated 2 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆363Updated 3 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆741Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆828Updated last year
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,006Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆900Updated 9 months ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆451Updated 3 years ago
- Various Cobalt Strike BOFs☆617Updated 2 years ago
- Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)☆463Updated 3 years ago
- Another Windows Local Privilege Escalation from Service Account to System☆833Updated 2 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆951Updated 2 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆698Updated 6 months ago
- NTLM relaying for Windows made easy☆556Updated last year
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆449Updated 2 years ago
- ☆406Updated 2 years ago
- Exploit to SYSTEM for CVE-2021-21551☆236Updated 3 years ago