blackorbird / PrintNightmare
☆52 Updated 3 years ago
Alternatives and similar repositories for PrintNightmare
Users that are interested in PrintNightmare are comparing it to the libraries listed below
- POC for NetworkService PrivEsc ☆126 Updated 5 years ago
- Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM ☆123 Updated 4 years ago
- Windows MSI Installer LPE (CVE-2021-43883) ☆77 Updated 3 years ago
- Tool for interacting with outlook interop during red team engagements ☆144 Updated 3 years ago
- Yet another LSASS dumper ☆76 Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post ☆121 Updated 4 years ago
- Cobalt Strike Beacon Object Files ☆161 Updated 3 years ago
- C# PoC implementation for bypassing AMSI via in memory patching ☆65 Updated 4 years ago
- Collection of CobaltStrike beacon object files ☆104 Updated 3 years ago
- C# version of MDSec's ParallelSyscalls ☆141 Updated 3 years ago
- 64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells. ☆128 Updated 2 years ago
- Research project for understanding how Mimikatz works and becoming better at C ☆123 Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF ☆147 Updated 3 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚. ☆178 Updated 4 years ago
- AMSI Bypass Via the Heap ☆107 Updated 4 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege ☆124 Updated 4 years ago
- Loads a custom dll in system32 via diaghub. ☆76 Updated 5 years ago
- ☆151 Updated 4 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in… ☆104 Updated 3 years ago
- C# version of Powermad ☆166 Updated last year
- POC tools for exploring SMB over QUIC protocol ☆125 Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation ☆144 Updated 4 years ago
- Coerce Windows machines auth via MS-EVEN ☆161 Updated last year
- MSBuild without MSbuild.exe ☆132 Updated 4 years ago
- AV/EDR evasion via direct system calls. ☆108 Updated last year
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process ☆103 Updated 2 years ago
- Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability ☆121 Updated 4 years ago
- ☆169 Updated 4 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File ☆202 Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR ☆101 Updated 3 years ago