klinix5 / ReverseRDP_RCE

Related projects: ⓘ

• oXis / GPUSleep
  Move CS beacon to GPU memory when sleeping
  ☆212Updated 2 years ago
• ly4k / CallbackHell
  Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)
  ☆457Updated 2 years ago
• dmaasland / proxyshell-poc
  ☆376Updated 3 years ago
• sherlocksecurity / VMware-CVE-2022-22954
  POC for VMWARE CVE-2022-22954
  ☆281Updated 2 years ago
• sailay1996 / RpcSsImpersonator
  Privilege Escalation Via RpcSs svc
  ☆169Updated 2 years ago
• waldo-irc / CVE-2021-21551
  Exploit to SYSTEM for CVE-2021-21551
  ☆236Updated 3 years ago
• L4ys / CVE-2022-21882
  ☆192Updated 2 years ago
• antonioCoco / MalSeclogon
  A little tool to play with the Seclogon service
  ☆301Updated 2 years ago
• D4stiny / ForkPlayground
  An implementation and proof-of-concept of Process Forking.
  ☆217Updated 2 years ago
• 3gstudent / Invoke-BuildAnonymousSMBServer
  Use to build an anonymous SMB file server.
  ☆226Updated 3 years ago
• ajpc500 / BOFs
  Collection of Beacon Object Files
  ☆538Updated last year
• CCob / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆258Updated 3 years ago
• Flangvik / SharpProxyLogon
  C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection
  ☆237Updated 3 years ago
• Cerbersec / DomainBorrowingC2
  ☆164Updated 3 years ago
• waldo-irc / LockdExeDemo
  A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/
  ☆182Updated 3 years ago
• 78ResearchLab / PoC
  ☆124Updated 2 years ago
• XiaoliChan / wmiexec-RegOut
  Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-softw…
  ☆280Updated last year
• boku7 / Ninja_UUID_Runner
  Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
  ☆430Updated last year
• optiv / Registry-Recon
  Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon
  ☆319Updated 2 years ago
• nick-frischkorn / TymSpecial
  ☆140Updated this week
• klezVirus / CandyPotato
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆299Updated 3 years ago
• SecuProject / DLLHijackingScanner
  This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
  ☆270Updated 3 years ago
• hhlxf / PrintNightmare
  ☆137Updated this week
• boku7 / injectEtwBypass
  CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
  ☆274Updated 2 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆427Updated last year
• hlldz / CVE-2021-1675-LPE
  Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527
  ☆329Updated 3 years ago
• ctxis / DLLHSC
  DLLHSC - DLL Hijack SCanner a tool to assist with the discovery of suitable candidates for DLL Hijacking
  ☆138Updated 4 years ago
• outflanknl / WdToggle
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆212Updated last year
• zcgonvh / DCOMPotato
  Some Service DCOM Object and SeImpersonatePrivilege abuse.
  ☆347Updated last year
• outflanknl / InlineWhispers
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
  ☆302Updated 2 years ago