Wh04m1001 / CVE-2024-20656
☆131, updated 10 months ago
Related projects
Alternatives and complementary repositories for CVE-2024-20656
- Leverage WindowsApp createdump tool to obtain an lsass dump (☆142, updated 2 months ago)
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W… (☆147, updated 6 months ago)
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone… (☆163, updated last month)
- PoC for using MS Windows printers for persistence / command and control via Internet Printing (☆143, updated 6 months ago)
- Evasive Golang Loader (☆130, updated 3 months ago)
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism. (☆91, updated last year)
- CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability (☆127, updated last month)
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti… (☆190, updated 5 months ago)
- Automated .NET AppDomain hijack payload generation (☆114, updated 4 months ago)
- A set of programs for analyzing common vulnerabilities in COM (☆154, updated 2 months ago)
- (☆142, updated last week)
- (☆147, updated 4 months ago)
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode... (☆151, updated 2 months ago)
- Shaco is a Linux agent for Havoc (☆144, updated last year)
- (☆126, updated 3 months ago)
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution (☆145, updated 3 weeks ago)
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker. (☆108, updated last month)
- AV bypass while you sip your Chai! (☆208, updated 6 months ago)
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege (☆200, updated 11 months ago)
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. (☆171, updated 10 months ago)
- A PowerShell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… (☆148, updated 5 months ago)
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions (☆269, updated 3 months ago)
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… (☆158, updated 3 weeks ago)
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service" (☆113, updated 4 months ago)
- Nameless C2 - A C2 with all its components written in Rust (☆241, updated last month)
- Leak of any user's NetNTLM hash. Fixed in KB5040434 (☆240, updated 3 months ago)
- (☆156, updated last year)