MrAle98 / CVE-2024-49138-POCView external linksLinks
POC exploit for CVE-2024-49138
☆266Feb 14, 2025Updated last year
Alternatives and similar repositories for CVE-2024-49138-POC
Users that are interested in CVE-2024-49138-POC are comparing it to the libraries listed below
Sorting:
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆226Apr 12, 2025Updated 10 months ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆514Jan 2, 2025Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- ☆21Jan 15, 2025Updated last year
- ☆94Jan 16, 2025Updated last year
- Proof of concept & details for CVE-2025-21298☆195Jan 20, 2025Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆245Nov 2, 2025Updated 3 months ago
- ☆409Dec 8, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- ☆125Sep 5, 2024Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆358Aug 11, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆635May 8, 2025Updated 9 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆214Jan 18, 2025Updated last year
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- Process injection alternative☆404Sep 6, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆418Sep 29, 2025Updated 4 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆194Nov 27, 2024Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆246Sep 8, 2024Updated last year
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- ☆282Jul 31, 2024Updated last year
- ☆145Mar 29, 2025Updated 10 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆442Jul 8, 2024Updated last year
- A PowerShell console in C/C++ with all the security features disabled☆342Oct 14, 2025Updated 4 months ago
- ☆235Oct 8, 2024Updated last year
- COM ViewLogger — new malware keylogging technique☆403Jan 6, 2025Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆42Jan 9, 2025Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- Admin to Kernel code execution using the KSecDD driver☆264Apr 19, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆432Dec 21, 2023Updated 2 years ago
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆570May 22, 2025Updated 8 months ago
- ☆198Mar 28, 2025Updated 10 months ago
- early cascade injection PoC based on Outflanks blog post☆236Nov 7, 2024Updated last year
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆259Aug 13, 2024Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆332Mar 6, 2025Updated 11 months ago
- Complete list of LPE exploits for Windows (starting from 2023)☆908Updated this week