klinix5 / WindowsMDMLPE
☆75Updated this week
Related projects: ⓘ
- POC tools for exploring SMB over QUIC protocol☆119Updated 2 years ago
- ☆87Updated 2 years ago
- Simple DLL that add a user to the local Administrators group☆74Updated 2 years ago
- .NET project for installing Persistence☆64Updated 2 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆105Updated 2 years ago
- Windows MSI Installer LPE (CVE-2021-43883)☆76Updated 2 years ago
- AV/EDR evasion via direct system calls.☆98Updated 9 months ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆95Updated 2 years ago
- 🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)☆78Updated 2 years ago
- ☆72Updated 10 months ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆98Updated 2 years ago
- ☆100Updated this week
- Windows internals and exploitation tricks☆90Updated 3 months ago
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆72Updated 2 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆168Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆94Updated 3 years ago
- Weaponizing for privileged file writes bugs with PrintNotify Service☆133Updated 2 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆169Updated 2 years ago
- DLL Hijack Search Order Enumeration BOF☆140Updated 2 years ago
- ☆135Updated 2 years ago
- ☆96Updated this week
- lpe poc for cve-2022-21882☆47Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆140Updated 3 years ago
- ☆29Updated last year
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆127Updated 2 years ago
- ☆91Updated 2 years ago
- A Collection of templates that can be used for abusing window's AlwaysInstallElevated policy☆27Updated last year
- ☆50Updated this week
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆87Updated 2 years ago
- ☆87Updated this week