exploitblizzard / WindowsMDM-LPE-0Day
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day
☆50Updated 3 years ago
Alternatives and similar repositories for WindowsMDM-LPE-0Day:
Users that are interested in WindowsMDM-LPE-0Day are comparing it to the libraries listed below
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆137Updated 2 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- Use CMSTP.exe to bypass UAC.☆43Updated 2 years ago
- A small (Edited) POC to make defender useless by removing its token privileges and lowering the token integrity☆32Updated 2 years ago
- Windows shellcode encoding and encrypting tool☆21Updated 2 years ago
- Encrypting shellcode to Bypass AV☆72Updated 6 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆63Updated 2 years ago
- lpe poc for cve-2022-21882☆49Updated 3 years ago
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆137Updated 3 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last year
- Reflective DLL Injection with obfuscated (XOR) shellcode☆73Updated 4 years ago
- Little program written in C# to bypass EDR hooks and dump the content of the lsass process☆61Updated 3 years ago
- Extracting Syscall Stub, Modernized☆63Updated 3 years ago
- Winsocket for Cobalt Strike.☆98Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- A Cobalt Strike memory evasion loader for redteamers☆99Updated 2 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆96Updated 3 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆107Updated 3 years ago
- BOF combination of KillDefender and Backstab☆167Updated 2 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 3 years ago
- Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper☆54Updated last year
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆64Updated 3 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- Load PE via XML Attribute☆30Updated 5 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Updated 2 years ago
- C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆150Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆16Updated 3 years ago
- It stinks☆102Updated 3 years ago