POC exploit for CVE-2024-49138
☆267Feb 14, 2025Updated last year
Alternatives and similar repositories for CVE-2024-49138-POC
Users that are interested in CVE-2024-49138-POC are comparing it to the libraries listed below
Sorting:
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆267Apr 8, 2025Updated 11 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆228Apr 12, 2025Updated 10 months ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆516Jan 2, 2025Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- ☆22Jan 15, 2025Updated last year
- ☆94Jan 16, 2025Updated last year
- Proof of concept & details for CVE-2025-21298☆195Jan 20, 2025Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆246Nov 2, 2025Updated 4 months ago
- ☆409Dec 8, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- ☆125Sep 5, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 10 months ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆360Aug 11, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- TypeLib persistence technique☆140Oct 22, 2024Updated last year
- Process injection alternative☆406Sep 6, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆368Oct 14, 2025Updated 4 months ago
- ☆286Jul 31, 2024Updated last year
- ☆146Mar 29, 2025Updated 11 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆443Jul 8, 2024Updated last year
- ☆234Oct 8, 2024Updated last year
- COM ViewLogger — new malware keylogging technique☆405Jan 6, 2025Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆462Sep 24, 2023Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆570May 22, 2025Updated 9 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆435Dec 21, 2023Updated 2 years ago
- ☆198Mar 28, 2025Updated 11 months ago
- early cascade injection PoC based on Outflanks blog post☆237Nov 7, 2024Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆260Aug 13, 2024Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Complete list of LPE exploits for Windows (starting from 2023)☆911Feb 20, 2026Updated 2 weeks ago