Wh04m1001 / CVE-2025-48799View external linksLinks
☆262Jul 8, 2025Updated 7 months ago
Alternatives and similar repositories for CVE-2025-48799
Users that are interested in CVE-2025-48799 are comparing it to the libraries listed below
Sorting:
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆226Apr 12, 2025Updated 10 months ago
- PoC Exploit for the NTLM reflection SMB flaw.☆674Feb 9, 2026Updated last week
- lsassdump via RtlCreateProcessReflection and NanoDump☆84Oct 18, 2024Updated last year
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Oct 16, 2024Updated last year
- ☆242May 5, 2024Updated last year
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆136Dec 22, 2024Updated last year
- Windows remote execution multitool☆780Oct 1, 2025Updated 4 months ago
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- We found a way to DLL sideload with cleanmgr.exe☆98Feb 25, 2025Updated 11 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆332Mar 6, 2025Updated 11 months ago
- Windows AppLocker Driver (appid.sys) LPE☆74Jul 29, 2024Updated last year
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆570May 22, 2025Updated 8 months ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆355Apr 26, 2025Updated 9 months ago
- ☆198Mar 28, 2025Updated 10 months ago
- POC exploit for CVE-2024-49138☆266Feb 14, 2025Updated last year
- SharePoint WebPart Injection Exploit Tool☆311Nov 28, 2025Updated 2 months ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆514Jan 2, 2025Updated last year
- ☆235Oct 8, 2024Updated last year
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- Local SYSTEM auth trigger for relaying☆168Jul 22, 2025Updated 6 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆42Jan 9, 2025Updated last year
- A Windows potato to privesc☆391Aug 26, 2024Updated last year
- CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability☆146Jan 13, 2025Updated last year
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆214Aug 31, 2025Updated 5 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Proof of concept & details for CVE-2025-21298☆195Jan 20, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆98Oct 4, 2024Updated last year
- Ghosting-AMSI☆222Apr 24, 2025Updated 9 months ago
- ☆409Dec 8, 2024Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆442Jul 8, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆418Sep 29, 2025Updated 4 months ago
- Windows LPE☆139Jun 11, 2024Updated last year
- ☆282Jul 31, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆698May 7, 2025Updated 9 months ago
- Port of Cobalt Strike's Process Inject Kit☆190Dec 1, 2024Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆296Jul 31, 2024Updated last year
- ☆26Aug 11, 2025Updated 6 months ago