cfalta / MicrosoftWontFixListLinks
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
☆952Updated 3 years ago
Alternatives and similar repositories for MicrosoftWontFixList
Users that are interested in MicrosoftWontFixList are comparing it to the libraries listed below
Sorting:
- Windows Privilege Escalation from User to Domain Admin.☆1,398Updated 2 years ago
- Exploit allowing you to read registry hives as non-admin on Windows 10 and 11☆763Updated 3 years ago
- An introduction to Active Directory security☆649Updated 2 years ago
- KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default…☆1,590Updated 2 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆797Updated last year
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,189Updated 5 years ago
- Active Directory certificate abuse.☆1,704Updated 10 months ago
- ☆2,109Updated 2 years ago
- ☆1,596Updated 2 months ago
- Extract credentials from lsass remotely☆2,127Updated 2 months ago
- Some usefull Scripts and Executables for Pentest & Forensics☆1,121Updated 7 months ago
- Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows☆383Updated 3 years ago
- Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)☆1,060Updated 3 years ago
- Also known by Microsoft as Knifecoat☆1,136Updated 2 years ago
- A toolkit to attack Office365☆1,077Updated 4 years ago
- LSASS memory dumper using direct system calls and API unhooking.☆1,536Updated 4 years ago
- Adversary Tactics - PowerShell Training☆1,541Updated 5 years ago
- Exploit Code for CVE-2020-1472 aka Zerologon☆384Updated 4 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,519Updated last year
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆612Updated 2 years ago
- "Golden" certificates☆689Updated 10 months ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,103Updated 3 years ago
- Defences against Cobalt Strike☆1,288Updated 2 years ago
- Some notes and examples for cobalt strike's functionality☆1,091Updated 3 years ago
- The swiss army knife of LSASS dumping☆1,950Updated 9 months ago
- A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting☆812Updated 2 months ago
- PoC for Zerologon - all research credits go to Tom Tervoort of Secura☆1,239Updated 4 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,627Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,022Updated 2 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆848Updated 2 years ago