Network-Sec / CVE-2025-21420-PoCLinks
We found a way to DLL sideload with cleanmgr.exe
☆96Updated 10 months ago
Alternatives and similar repositories for CVE-2025-21420-PoC
Users that are interested in CVE-2025-21420-PoC are comparing it to the libraries listed below
Sorting:
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆61Updated 8 months ago
- ☆37Updated 2 weeks ago
- Convert your shellcode into an ASCII string☆124Updated 6 months ago
- Create Anti-Copy DRM Malware☆70Updated last year
- Agent for AdaptixC2 with focus in evasion, capability and malleable.☆127Updated 3 weeks ago
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...☆169Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆118Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump☆153Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆84Updated 8 months ago
- Early cascade injection PoC based on Outflanks blog post written in Rust☆68Updated 3 weeks ago
- ☆260Updated 6 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆152Updated 5 months ago
- CVE-2025-33053 Proof Of Concept (PoC)☆64Updated 7 months ago
- ☆136Updated 2 years ago
- Port of Cobalt Strike's Process Inject Kit☆190Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆84Updated last year
- CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…☆52Updated last year
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆150Updated 9 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Enumerate active EDR's on the system☆148Updated 3 months ago
- A BOF to enumerate system process, their protection levels, and more.☆123Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light)☆64Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Updated last year
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆99Updated this week
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Updated 9 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆196Updated 11 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆89Updated 10 months ago
- Morpheus is an lsass stealer that extracts lsass.exe in RAM and exfiltrates it via forged and crypted NTP packets. For authorized testin…☆122Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Updated last year