PN-Tester / AppxPotato
AppX RPC Local Privilege Escalation - Windows 10/11
☆14 Updated 7 months ago
Related projects:
- A payload delivery system which embeds payloads in an executable's icon file! ☆72 Updated 7 months ago
- Example/starter code for custom Windows application compatibility shims ☆29 Updated 3 years ago
- ☆12 Updated 3 years ago
- C# Utilities for Windows Notification Facility ☆122 Updated 4 months ago
- Dump certificates from PE files in different formats ☆36 Updated 8 months ago
- PowerShell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to… ☆48 Updated 9 months ago
- This module exploits a vulnerability in WinRAR (CVE-2023-38831). When a user opens a crafted RAR file and its embedded document, a script… ☆11 Updated last year
- Here are some of my malware reversing papers that I will be publishing ☆30 Updated 2 years ago
- Firefox webInjector capable of injecting code into webpages using a mitmproxy. ☆39 Updated last year
- Runs programs as TrustedInstaller ☆43 Updated 5 years ago
- Simple Native Rust Reflective PE loader library ☆36 Updated last year
- A malicious keyboard that delivers a multi-staged attack, consisting of a polymorphous trojan payload which can bypass antivirus engines,… ☆10 Updated last year
- code for the Proxy DLL example blog post ☆57 Updated 2 years ago
- Code samples that serve as references for Windows API functions ☆11 Updated 3 months ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added). ☆29 Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET ☆62 Updated 4 years ago
- ☆35 Updated last year
- ☆16 Updated this week
- ☆73 Updated this week
- call gates as stable communication channel for NT x86 and Linux x86_64 ☆28 Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot ☆56 Updated last year
- Get-PDInvokeImports is a tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u… ☆50 Updated 2 years ago
- ☆41 Updated last year
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key. ☆75 Updated 2 years ago
- rpv-web is a browser based frontend for the rpv library ☆23 Updated last month
- ☆41 Updated last year
- An Xdbg Plugin of the ERC Library. ☆26 Updated 7 months ago
- ☆31 Updated this week
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t… ☆25 Updated this week
- Obtain and parse SSL certificates ☆9 Updated 2 years ago