cfalta / MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
☆939Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for MicrosoftWontFixList
- Windows Privilege Escalation from User to Domain Admin.☆1,333Updated last year
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆716Updated 3 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,531Updated 2 years ago
- An introduction to Active Directory security☆639Updated 2 years ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,107Updated 5 years ago
- Active Directory certificate abuse.☆1,519Updated 3 months ago
- Some notes and examples for cobalt strike's functionality☆986Updated 2 years ago
- Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows☆377Updated 3 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆784Updated 6 months ago
- Microsoft signed ActiveDirectory PowerShell module☆848Updated 5 years ago
- Some usefull Scripts and Executables for Pentest & Forensics☆1,091Updated last month
- ☆1,526Updated 5 months ago
- Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)☆1,014Updated 3 years ago
- ☆2,015Updated last year
- Extract credentials from lsass remotely☆2,057Updated last month
- The swiss army knife of LSASS dumping☆1,794Updated 2 months ago
- Adversary Tactics - PowerShell Training☆1,523Updated 4 years ago
- C# implementation of harmj0y's PowerView☆1,011Updated 7 months ago
- Tool for Active Directory Certificate Services enumeration and abuse☆2,426Updated 3 months ago
- Also known by Microsoft as Knifecoat☆1,114Updated last year
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,532Updated last year
- LSASS memory dumper using direct system calls and API unhooking.☆1,491Updated 3 years ago
- Kerberos unconstrained delegation abuse toolkit☆1,142Updated last week
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,401Updated last year
- SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GP…☆1,069Updated 3 years ago
- Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands☆975Updated 3 years ago
- SharpUp is a C# port of various PowerUp functionality.☆1,264Updated 9 months ago
- C# Data Collector for the BloodHound Project, Version 3☆520Updated 2 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,044Updated 3 years ago