Wh04m1001 / MSIExecEoP
Arbitrary File Delete in Windows Installer before 10.0.19045.2193
☆29Updated 2 years ago
Alternatives and similar repositories for MSIExecEoP:
Users that are interested in MSIExecEoP are comparing it to the libraries listed below
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 2 years ago
- ☆26Updated 2 years ago
- ☆29Updated 2 years ago
- ☆39Updated 2 years ago
- Sliver agent rewritten in C++☆44Updated 6 months ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- ☆88Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆68Updated 2 years ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆80Updated 4 months ago
- ☆81Updated 3 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆42Updated last year
- .NET project for installing Persistence☆64Updated 3 years ago
- Slides from out talk at BH IL 2022☆28Updated 2 years ago
- Beacon Object Files.☆35Updated last year
- ☆28Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆26Updated 2 years ago
- Get SYSTEM via SeDebugPrivilege☆20Updated 2 years ago
- lpe poc for cve-2022-21882☆49Updated 3 years ago
- BYOVD collection☆23Updated 11 months ago
- DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)☆64Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆53Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆50Updated 3 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆63Updated last year
- Active Directory certificate abuse.☆37Updated 3 years ago