cfalta / MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
☆937Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for MicrosoftWontFixList
- Windows Privilege Escalation from User to Domain Admin.☆1,332Updated last year
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆715Updated 3 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,528Updated 2 years ago
- ☆2,012Updated last year
- ☆1,526Updated 4 months ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,101Updated 5 years ago
- An introduction to Active Directory security☆639Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,042Updated 3 years ago
- Adversary Tactics - PowerShell Training☆1,520Updated 4 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆783Updated 5 months ago
- Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)☆1,011Updated 3 years ago
- a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )☆2,115Updated last week
- Active Directory certificate abuse.☆1,510Updated 2 months ago
- Some usefull Scripts and Executables for Pentest & Forensics☆1,085Updated 2 weeks ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,531Updated last year
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆1,892Updated 2 weeks ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆1,703Updated 4 months ago
- Some notes and examples for cobalt strike's functionality☆981Updated 2 years ago
- Extract credentials from lsass remotely☆2,050Updated last month
- C# implementation of harmj0y's PowerView☆1,001Updated 7 months ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,399Updated last year
- Also known by Microsoft as Knifecoat☆1,112Updated last year
- Identifies the bytes that Microsoft Defender flags on.☆2,305Updated last year
- LSASS memory dumper using direct system calls and API unhooking.☆1,485Updated 3 years ago
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,061Updated 3 years ago
- A tool to kill antimalware protected processes☆1,383Updated 3 years ago
- Microsoft signed ActiveDirectory PowerShell module☆842Updated 5 years ago
- Custom Query list for the Bloodhound GUI based off my cheatsheet☆748Updated last year
- Defences against Cobalt Strike☆1,281Updated 2 years ago