☆82Apr 9, 2024Updated last year
Alternatives and similar repositories for UserManagerEoP
Users that are interested in UserManagerEoP are comparing it to the libraries listed below
Sorting:
- ☆31May 16, 2024Updated last year
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆136Dec 22, 2024Updated last year
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- a tool used to analyze and monitor in named pipes☆194Oct 27, 2024Updated last year
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- Proof of concept & details for CVE-2025-21298☆195Jan 20, 2025Updated last year
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- ☆239Aug 23, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)☆89Jun 13, 2024Updated last year
- ☆67Oct 10, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆266Apr 8, 2025Updated 10 months ago
- Analysis of the vulnerability☆50Jan 23, 2024Updated 2 years ago
- TokenCert☆102Nov 15, 2024Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆265Apr 19, 2024Updated last year
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆130Mar 22, 2024Updated last year
- Exploit for CVE-2024-4883☆11Jul 8, 2024Updated last year
- A Bumblebee-inspired Crypter☆79Dec 5, 2022Updated 3 years ago
- TypeLib persistence technique☆140Oct 22, 2024Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- ☆26Aug 5, 2025Updated 6 months ago
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…☆301Feb 2, 2026Updated last month
- Bypassing UAC with SSPI Datagram Contexts☆461Sep 24, 2023Updated 2 years ago
- ☆199Aug 28, 2025Updated 6 months ago
- ☆137Jan 14, 2024Updated 2 years ago
- ☆150Mar 22, 2024Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 2 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago