klinix5 / ReverseRDP_RCE
☆248 · Updated this week
Related projects:
- Move CS beacon to GPU memory when sleeping ☆212 · Updated 2 years ago
- Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE) ☆457 · Updated 2 years ago
- ☆376 · Updated 3 years ago
- POC for VMWARE CVE-2022-22954 ☆281 · Updated 2 years ago
- Privilege Escalation Via RpcSs svc ☆169 · Updated 2 years ago
- Exploit to SYSTEM for CVE-2021-21551 ☆236 · Updated 3 years ago
- ☆192 · Updated 2 years ago
- A little tool to play with the Seclogon service ☆301 · Updated 2 years ago
- An implementation and proof-of-concept of Process Forking. ☆217 · Updated 2 years ago
- Use to build an anonymous SMB file server. ☆226 · Updated 3 years ago
- Collection of Beacon Object Files ☆538 · Updated last year
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in… ☆258 · Updated 3 years ago
- C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection ☆237 · Updated 3 years ago
- ☆164 · Updated 3 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/ ☆182 · Updated 3 years ago
- ☆124 · Updated 2 years ago
- Modified version of impacket wmiexec.py, get output (data, response) from registry, don't need SMB connection, also bypassing antivirus-softw… ☆280 · Updated last year
- Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10! ☆430 · Updated last year
- Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon ☆319 · Updated 2 years ago
- ☆140 · Updated this week
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG ☆299 · Updated 3 years ago
- This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. ☆270 · Updated 3 years ago
- ☆137 · Updated this week
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate) ☆274 · Updated 2 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b… ☆427 · Updated last year
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527 ☆329 · Updated 3 years ago
- DLLHSC - DLL Hijack SCanner, a tool to assist with the discovery of suitable candidates for DLL Hijacking ☆138 · Updated 4 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching. ☆212 · Updated last year
- Some Service DCOM Object and SeImpersonatePrivilege abuse. ☆347 · Updated last year
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) ☆302 · Updated 2 years ago