This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
☆154Mar 6, 2025Updated last year
Alternatives and similar repositories for 7-Zip-CVE-2025-0411-POC
Users that are interested in 7-Zip-CVE-2025-0411-POC are comparing it to the libraries listed below
Sorting:
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆516Jan 2, 2025Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆25Apr 21, 2025Updated 10 months ago
- ☆126Jan 23, 2025Updated last year
- POC exploit for CVE-2024-49138☆267Feb 14, 2025Updated last year
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆396Mar 20, 2025Updated 11 months ago
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- Adversary Emulation Framework☆129Jul 1, 2025Updated 8 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 8 months ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 11 months ago
- ☆19Dec 18, 2024Updated last year
- We found a way to DLL sideload with cleanmgr.exe☆98Feb 25, 2025Updated last year
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆267Apr 8, 2025Updated 11 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆145Apr 18, 2025Updated 10 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges☆27Nov 20, 2024Updated last year
- Utilizng an MCP Server to communicate with your C2☆86May 15, 2025Updated 9 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- A Reflective Loader for macOS☆147Jul 20, 2025Updated 7 months ago
- ☆409Dec 8, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆370Apr 19, 2023Updated 2 years ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- A POC to disable TamperProtection and other Defender / MDE components☆255Jun 6, 2024Updated last year
- A BloodHound collector for Microsoft Configuration Manager☆392Jul 7, 2025Updated 8 months ago
- Smart keylogging capability to steal SSH Credentials including password & Private Key☆152Mar 26, 2025Updated 11 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- early cascade injection PoC based on Outflanks blog post☆237Nov 7, 2024Updated last year