hakaioffsec / CVE-2024-21338

Related projects: ⓘ

• varwara / CVE-2024-26229
  CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
  ☆310Updated 2 months ago
• tykawaii98 / CVE-2024-30088
  ☆203Updated last month
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆227Updated 3 months ago
• MaorSabag / TrueSightKiller
  CPP AV/EDR Killer
  ☆329Updated 9 months ago
• mansk1es / CVE-2024-21111
  Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
  ☆211Updated 4 months ago
• CICADA8-Research / IHxExec
  Process injection alternative
  ☆275Updated 2 weeks ago
• EvilBytecode / EDR-XDR-AV-Killer
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆228Updated 2 months ago
• H1d3r / GPU_ShellCode
  ☆290Updated 2 years ago
• senzee1984 / InflativeLoading
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆259Updated 5 months ago
• kyxiaxiang / Beacon_Source
  not a reverse-engineered version of the Cobalt Strike Beacon
  ☆326Updated 5 months ago
• senzee1984 / EDRPrison
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆269Updated last month
• Wh04m1001 / CVE-2023-36874
  ☆233Updated last year
• fortra / CVE-2023-28252
  ☆169Updated last year
• lypd0 / DeadPotato
  DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS…
  ☆302Updated last month
• zer0condition / mhydeath
  Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
  ☆373Updated last year
• antonioCoco / SspiUacBypass
  Bypassing UAC with SSPI Datagram Contexts
  ☆335Updated 11 months ago
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆227Updated 5 months ago
• senzee1984 / micr0_shell
  micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
  ☆147Updated last month
• vxCrypt0r / Voidgate
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆439Updated 3 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆170Updated last week
• Maldev-Academy / Christmas
  ☆242Updated 7 months ago
• wh0amitz / KRBUACBypass
  UAC Bypass By Abusing Kerberos Tickets
  ☆469Updated last year
• chompie1337 / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆156Updated 11 months ago
• Black-Frost / windows-learning
  ☆98Updated last month
• BishopFox / CVE-2023-3519
  RCE exploit for CVE-2023-3519
  ☆218Updated last year
• chompie1337 / Windows_LPE_AFD_CVE-2023-21768
  LPE exploit for CVE-2023-21768
  ☆473Updated last year
• MalwareTech / EDR-Preloader
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆387Updated 7 months ago
• Nero22k / cve-2023-29360
  Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver
  ☆136Updated 11 months ago
• daem0nc0re / VectorKernel
  PoCs for Kernelmode rootkit techniques research.
  ☆333Updated 2 weeks ago
• matro7sh / myph
  shellcode loader for your evasion needs
  ☆257Updated 3 months ago