☆267Jul 8, 2025Updated 8 months ago
Alternatives and similar repositories for CVE-2025-48799
Users that are interested in CVE-2025-48799 are comparing it to the libraries listed below
Sorting:
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆228Apr 12, 2025Updated 10 months ago
- PoC Exploit for the NTLM reflection SMB flaw.☆682Feb 18, 2026Updated 2 weeks ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- ☆242May 5, 2024Updated last year
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆136Dec 22, 2024Updated last year
- Windows remote execution multitool☆784Updated this week
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- We found a way to DLL sideload with cleanmgr.exe☆98Feb 25, 2025Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Windows AppLocker Driver (appid.sys) LPE☆75Jul 29, 2024Updated last year
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆570May 22, 2025Updated 9 months ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆354Apr 26, 2025Updated 10 months ago
- ☆198Mar 28, 2025Updated 11 months ago
- POC exploit for CVE-2024-49138☆267Feb 14, 2025Updated last year
- SharePoint WebPart Injection Exploit Tool☆311Nov 28, 2025Updated 3 months ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆516Jan 2, 2025Updated last year
- ☆234Oct 8, 2024Updated last year
- Fileless atexec, no more need for port 445☆406Mar 28, 2024Updated last year
- Local SYSTEM auth trigger for relaying☆168Jul 22, 2025Updated 7 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- A Windows potato to privesc☆390Aug 26, 2024Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆267Apr 8, 2025Updated 11 months ago
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆218Aug 31, 2025Updated 6 months ago
- Proof of concept & details for CVE-2025-21298☆195Jan 20, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆98Oct 4, 2024Updated last year
- Ghosting-AMSI☆225Apr 24, 2025Updated 10 months ago
- ☆409Dec 8, 2024Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆443Jul 8, 2024Updated last year
- PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.☆202Sep 11, 2025Updated 5 months ago
- Windows LPE☆139Jun 11, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- A PowerShell console in C/C++ with all the security features disabled☆368Oct 14, 2025Updated 4 months ago
- ☆286Jul 31, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆188Jan 17, 2026Updated last month