Noxtal / follina
All about CVE-2022-30190, aka follina, that is a RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps such as Word. This is a very simple POC, feel free to check the sources below for more threat intelligence.
☆24Updated 2 years ago
Alternatives and similar repositories for follina:
Users that are interested in follina are comparing it to the libraries listed below
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆28Updated last year
- A little implant which SSH's back with a shell☆38Updated 3 years ago
- ☆18Updated 5 months ago
- Tomcat backdoor based on CS blog☆27Updated last year
- A malicious .cab creation tool for CVE-2021-40444☆12Updated 3 years ago
- Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engageme…☆19Updated 2 years ago
- Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys☆20Updated 3 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960☆2Updated 2 years ago
- CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation☆21Updated 2 years ago
- Right-To-Left Override POC☆34Updated 3 years ago
- Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082☆26Updated 2 years ago
- Cisco CallManager User Enumeration☆15Updated 2 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection☆32Updated 11 months ago
- CVE-2023-20198 & 0Day Implant Scanner☆30Updated last week
- Multi-thread AzureAD Autologon SSO Password Sprayer.☆37Updated 3 years ago
- ☆8Updated 7 months ago
- Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC☆44Updated last year
- This is working POC of CVE-2022-36271☆9Updated 2 years ago
- Tool to start processes as SYSTEM using token duplication☆38Updated 4 years ago
- Port forwarding via MSRPC (445/tcp) [WIP]☆32Updated 3 years ago
- ☆25Updated last year
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆15Updated 9 months ago
- Execute embedded Mimikatz☆13Updated 3 years ago
- Burp extension to track your current IP address. Extension focused for red teams where the attacker needs to log all used IP addresses.☆25Updated last year
- Proof of Concept Exploit for CVE-2024-9465☆29Updated 6 months ago
- Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)☆23Updated 3 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Simple Honeypot for Atlassian Confluence (CVE-2022-26134)☆20Updated 2 years ago