eversinc33 / NimNightmare
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)
☆18Updated 2 years ago
Related projects: ⓘ
- Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim☆30Updated 3 years ago
- A simple Nim stager (w/ fiber execution)☆14Updated 2 years ago
- ☆41Updated last year
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆26Updated last year
- ShellcodeFluctuation PoC ported to Nim☆72Updated last year
- Some Cyber Security related scripts☆18Updated last year
- Run python from a single exe☆34Updated 2 years ago
- all credits go to @mgeeky☆58Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆30Updated last year
- a simple backdoor in Nim☆17Updated 3 years ago
- A nim port of C5pider's Ekko project.☆16Updated last year
- Ntdll Unhooking POC☆19Updated 2 years ago
- A simple BOF implementation of klist using Windows API☆30Updated 2 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- A little implant which SSH's back with a shell☆36Updated 2 years ago
- Cobalt Strike Get clipboard plugin☆12Updated last year
- Another AMSI bypass - but in C++.☆25Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆17Updated last year
- ☆18Updated 3 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆30Updated last year
- Core bypass Windows Defender and execute any binary converted to shellcode☆42Updated 2 years ago
- Beacon payload using AV bypass method from https://github.com/fullmetalcache/CsharpMMNiceness and shellcode generated from https://github…☆20Updated 3 years ago
- Repository for dirty scripts and PoCs☆16Updated last year
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆37Updated 9 months ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Updated last year
- Playing with PE's and Building Structures by Hand☆22Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated 10 months ago
- Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.☆16Updated 11 months ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated 8 months ago
- DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)☆26Updated 4 years ago