Alternatives and similar repositories for CVE-2023-21768

Users that are interested in CVE-2023-21768 are comparing it to the libraries listed below

• Cobalt-Strike / sleepmask-vs
  A simple Sleepmask BOF example
  ☆107Updated this week
• WafflesExploits / CobaltStrike-YARA-Bypass-f0b627fc
  Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellco…
  ☆39Updated 7 months ago
• hackerhouse-opensource / ColorDataProxyUACBypass
  Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…
  ☆138Updated 2 years ago
• WKL-Sec / Winsocky
  Winsocket for Cobalt Strike.
  ☆98Updated last year
• ProcessusT / SharpVenoma
  CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution
  ☆45Updated last year
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆110Updated 10 months ago
• 0xEr3bus / RdpStrike
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆241Updated 11 months ago
• killvxk / CVE-2024-38193-Nephster
  ☆58Updated 6 months ago
• sokaRepo / CoercedPotatoRDLL
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆205Updated last year
• RalfHacker / CVE-2024-26229-exploit
  Windows LPE
  ☆125Updated 11 months ago
• dmcxblue / SharpBlackout
  Terminate AV/EDR leveraging BYOVD attack
  ☆87Updated 2 months ago
• Octoberfest7 / CVE-2023-36874_BOF
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆206Updated last year
• Vasco0x4 / ShadeLoader
  ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过
  ☆40Updated 2 weeks ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆84Updated 2 years ago
• je5442804 / WPTaskScheduler_CVE-2024-49039
  WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
  ☆120Updated 6 months ago
• Y3A / CVE-2023-28229
  ☆130Updated last year
• kyxiaxiang / AV_EDR_EPP_Notes
  ☆47Updated last year
• bobby-tablez / VBScrambler
  A Python-based VBScript Code Obfuscator
  ☆39Updated last month
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆181Updated last week
• battleoverflow / lsass-dump
  Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper
  ☆55Updated last year
• absholi7ly / CVE-2025-0282-Ivanti-exploit
  CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…
  ☆47Updated 4 months ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆119Updated 2 years ago
• oldboy21 / SyscallMeMaybe
  Implementation of Indirect Syscall technique to pop a calc.exe
  ☆102Updated last year
• Ethicalrat / Evasive-Loader
  Evasive loader to bypass static detection
  ☆60Updated last year
• d0rb / CVE-2023-36874
  This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Wi…
  ☆77Updated last year
• ice-wzl / wmiexec2
  wmiexec2.0 is the same wmiexec that everyone knows and loves (debatable). This 2.0 version is obfuscated to avoid well known signatures …
  ☆34Updated 11 months ago
• evilashz / PigSyscall
  An implementation of an indirect system call
  ☆127Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆57Updated 9 months ago
• Wh04m1001 / IFaultrepElevatedDataCollectionUAC
  ☆133Updated 2 years ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆153Updated last year