exploitblizzard / WindowsMDM-LPE-0Day
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day
☆48Updated 3 years ago
Alternatives and similar repositories for WindowsMDM-LPE-0Day:
Users that are interested in WindowsMDM-LPE-0Day are comparing it to the libraries listed below
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆138Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆88Updated last year
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆106Updated 3 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆96Updated 3 years ago
- Windows shellcode encoding and encrypting tool☆21Updated 2 years ago
- A small (Edited) POC to make defender useless by removing its token privileges and lowering the token integrity☆32Updated 2 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆135Updated 2 years ago
- UUID based Shellcode loader for your favorite C2☆86Updated 3 years ago
- BOF combination of KillDefender and Backstab☆163Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆81Updated 3 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆80Updated last year
- ☆51Updated 2 years ago
- Reflective DLL Injection with obfuscated (XOR) shellcode☆72Updated 4 years ago
- C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆148Updated 3 years ago
- Encrypting shellcode to Bypass AV☆72Updated 6 years ago
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆64Updated 2 years ago
- The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment …☆44Updated 2 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 2 years ago
- lpe poc for cve-2022-21882☆49Updated 3 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆65Updated last year
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆63Updated last year
- Little program written in C# to bypass EDR hooks and dump the content of the lsass process☆61Updated 3 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆118Updated 2 years ago
- Extracting Syscall Stub, Modernized☆62Updated 2 years ago
- AutoStart teamserver and listeners with services☆72Updated 3 years ago
- POC tools for exploring SMB over QUIC protocol☆121Updated 2 years ago
- A Collection of templates that can be used for abusing window's AlwaysInstallElevated policy☆26Updated 2 years ago
- Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper☆53Updated 10 months ago
- A Cobalt Strike memory evasion loader for redteamers☆97Updated 2 years ago