klezVirus / AIDA64DRIVER-EoP
AIDA64DRIVER Elevation of Privilege Vulnerability
☆16 · Oct 25, 2024 · Updated last year
Alternatives and similar repositories for AIDA64DRIVER-EoP
Users that are interested in AIDA64DRIVER-EoP are comparing it to the libraries listed below
- Set the process mitigation policy for loading only Microsoft Modules, and block any userland 3rd party modules ☆43 · May 6, 2023 · Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆16 · Jan 7, 2023 · Updated 3 years ago
- using wnbios64.sys for arbitrary r/w ☆15 · Oct 12, 2025 · Updated 4 months ago
- Single-header LZW (Lempel-Ziv-Welch) C Library, headerless compressor & decompressor (variable code, 9-16 bits) ☆22 · Jan 2, 2026 · Updated last month
- RPC to WebClient startup ☆55 · Aug 19, 2025 · Updated 5 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly ☆63 · Mar 19, 2024 · Updated last year
- Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak. ☆28 · May 8, 2025 · Updated 9 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆46 · Jul 29, 2024 · Updated last year
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆40 · Aug 15, 2024 · Updated last year
- a demo module for the kaine agent to execute and inject assembly modules ☆41 · Aug 28, 2024 · Updated last year
- Automated Evilginx phishlet creator Extension for Burpsuite ☆63 · Jan 10, 2025 · Updated last year
- A thin Rust wrapper around Windows' hardware breakpoints. ☆21 · Jul 14, 2022 · Updated 3 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp… ☆14 · May 25, 2025 · Updated 8 months ago
- PhantomsGate: Advanced Shellcode Injection Technique ☆26 · Jul 15, 2024 · Updated last year
- Linux Sleep Obfuscation ☆107 · Jan 7, 2024 · Updated 2 years ago
- User-mode implementation of HTTP.SYS. Implements HTTP 1.1 of the "HTTP Server API 2.0" for web servers ☆44 · Feb 17, 2025 · Updated 11 months ago
- Beacon Object File (BOF) Template ☆62 · Feb 6, 2026 · Updated last week
- Exploiting the KsecDD Windows driver through Server Silos ☆76 · Nov 11, 2024 · Updated last year
- early cascade injection PoC based on Outflank's blog post, in rust ☆62 · Nov 8, 2024 · Updated last year
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… ☆63 · Feb 11, 2024 · Updated 2 years ago
- Using LNK files and user input simulation to start processes under explorer.exe ☆33 · Sep 21, 2024 · Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆42 · Apr 6, 2025 · Updated 10 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections ☆125 · Feb 13, 2023 · Updated 3 years ago
- TypeLib persistence technique ☆139 · Oct 22, 2024 · Updated last year
- A Reflective Loader for macOS ☆146 · Jul 20, 2025 · Updated 6 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆280 · Sep 18, 2024 · Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs ☆118 · Aug 21, 2024 · Updated last year
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux ☆63 · Dec 15, 2025 · Updated 2 months ago
- A wrapper around the Proxmark3 client that will alert the user of specific events ☆30 · Dec 13, 2020 · Updated 5 years ago
- List the ETW provider(s) in the registration table of a process. ☆80 · Sep 20, 2023 · Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtains SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknown object t… ☆96 · Mar 20, 2023 · Updated 2 years ago
- Host CLR and run .NET binaries using Rust ☆149 · Dec 23, 2025 · Updated last month
- Impersonate Tokens using only NTAPI functions ☆83 · Apr 4, 2025 · Updated 10 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar ☆136 · Aug 10, 2024 · Updated last year
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10… ☆35 · Sep 24, 2022 · Updated 3 years ago
- PoC to self-delete a binary in C# ☆35 · Feb 6, 2024 · Updated 2 years ago
- A rework of CMLuaUtil AutoElevated ☆30 · Nov 6, 2022 · Updated 3 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve ☆78 · Aug 5, 2024 · Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking. ☆84 · Aug 13, 2024 · Updated last year