Network-Sec/CVE-2025-21420-PoC external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Network-Sec/CVE-2025-21420-PoC

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Network-Sec/CVE-2025-21420-PoC)

Close

Network-Sec / CVE-2025-21420-PoCView on GitHubMore

• External links
• Readme badge

We found a way to DLL sideload with cleanmgr.exe

☆98Feb 25, 2025Updated last year

Alternatives and similar repositories for CVE-2025-21420-PoC

Users that are interested in CVE-2025-21420-PoC are comparing it to the libraries listed below

• paranoidninja / BRC4-BOF-Artillery

  View on GitHub
  ☆147Nov 6, 2025Updated 4 months ago
• Azr43lKn1ght / Rusty-PE-Packer

  View on GitHub
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆43Jan 9, 2025Updated last year
• RWXstoned / LdrShuffle

  View on GitHub
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆221Jun 4, 2025Updated 9 months ago
• MrAle98 / CVE-2024-49138-POC

  View on GitHub
  POC exploit for CVE-2024-49138
  ☆267Feb 14, 2025Updated last year
• Sndav / coffee

  View on GitHub
  Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器
  ☆63Apr 29, 2024Updated last year
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation

  View on GitHub
  ☆37Jan 4, 2026Updated 2 months ago
• zero2504 / Shadow-Rebirth

  View on GitHub
  Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
  ☆20Dec 3, 2024Updated last year
• jayesther / KTM_POCS

  View on GitHub
  Reports and POCs for CVE 2024-43570 and CVE-2024-43535
  ☆29Jun 7, 2025Updated 9 months ago
• Wh04m1001 / CVE-2025-48799

  View on GitHub
  ☆267Jul 8, 2025Updated 7 months ago
• Wh04m1001 / GamingServiceEoP

  View on GitHub
  ☆150Mar 22, 2024Updated last year
• knight0x07 / NailaoLoader-Hiding-Execution-Flow

  View on GitHub
  NailaoLoader: Hiding Execution Flow via Patching
  ☆22Feb 27, 2025Updated last year
• 0x4d5a-ctf / 38c3_com_talk

  View on GitHub
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆75Jan 3, 2025Updated last year
• fin3ss3g0d / StoneKeeper

  View on GitHub
  StoneKeeper C2, an experimental EDR evasion framework for research purposes
  ☆209Dec 25, 2024Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV

  View on GitHub
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆290May 27, 2024Updated last year
• RonF98 / CVE-2024-43451-POC

  View on GitHub
  CVE-2024-43451 is a Windows NTLM vulnerability that allows an attacker to force authentication and capture NTLM hashes by using malicious…
  ☆15Jan 21, 2025Updated last year
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆112Jan 7, 2024Updated 2 years ago
• cpu0x00 / Ghost

  View on GitHub
  Evasive shellcode loader
  ☆401Oct 17, 2024Updated last year
• y00ga-sec / Trustify

  View on GitHub
  Attack Active Directory Trusts with a single tool
  ☆14Jan 15, 2025Updated last year
• yehia-mamdouh / Lsassx

  View on GitHub
  Dumping LSASS Evaded Endpoint Security Solutions
  ☆18Feb 15, 2025Updated last year
• preludeorg / Regstoration

  View on GitHub
  A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library
  ☆24Nov 13, 2025Updated 3 months ago
• 404notf0und / CMS-POC

  View on GitHub
  POC Framework
  ☆10Jul 16, 2017Updated 8 years ago
• CICADA8-Research / COMThanasia

  View on GitHub
  A set of programs for analyzing common vulnerabilities in COM
  ☆249Sep 8, 2024Updated last year
• hackerhouse-opensource / CompMgmtLauncher_DLL_UACBypass

  View on GitHub
  CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
  ☆111Feb 2, 2026Updated last month
• dhmosfunk / 7-Zip-CVE-2025-0411-POC

  View on GitHub
  This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
  ☆154Mar 6, 2025Updated last year
• je5442804 / WPTaskScheduler_CVE-2024-49039

  View on GitHub
  WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler
  ☆135Jul 21, 2025Updated 7 months ago
• Muhammad-Ali007 / OutlookNTLM_CVE-2023-23397

  View on GitHub
  ☆22Jul 15, 2023Updated 2 years ago
• 0xTriboulet / Abomination

  View on GitHub
  A synergized Visual Studio and Rust development environment
  ☆19Jan 25, 2025Updated last year
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆188Jan 17, 2026Updated last month
• Meowmycks / koneko

  View on GitHub
  Robust Cobalt Strike shellcode loader with multiple advanced evasion features
  ☆200Apr 21, 2025Updated 10 months ago
• SafeBreach-Labs / Win-DoS

  View on GitHub
  A set of tools and exploits to cause DoS for remote Windows Server & Windows 11 machines
  ☆32Feb 9, 2026Updated 3 weeks ago
• silentEAG / RedTeamOps

  View on GitHub
  Use Rust to implement some Red Team techniques :)
  ☆13Nov 11, 2024Updated last year
• paranoidninja / PI-Tracker

  View on GitHub
  A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …
  ☆14Oct 21, 2024Updated last year
• MrAle98 / CVE-2025-21333-POC

  View on GitHub
  POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY
  ☆228Apr 12, 2025Updated 10 months ago
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆284Feb 8, 2025Updated last year
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated 10 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆194Feb 6, 2025Updated last year
• Whitecat18 / earlycascade-injection

  View on GitHub
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆68Dec 26, 2025Updated 2 months ago
• senzee1984 / Windows_x64_Tcp_Reverse_Shell_Shellcode

  View on GitHub
  Null-free shellcode for TCP reverse shell on Windows x64
  ☆59Feb 19, 2024Updated 2 years ago
• Octoberfest7 / CVE-2023-36874_BOF

  View on GitHub
  Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE
  ☆205Aug 25, 2023Updated 2 years ago