m417z / CVE-2023-36003-POC

Related projects: ⓘ

• Wh04m1001 / CVE-2024-20656
  ☆125Updated 8 months ago
• Wh04m1001 / CVE-2023-36723
  ☆69Updated 11 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆91Updated last year
• Dump-GUY / EXE-or-DLL-or-ShellCode
  Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode...
  ☆120Updated last week
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆169Updated 3 months ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆51Updated 7 months ago
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆170Updated last week
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆188Updated last year
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆94Updated last week
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 6 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆59Updated 3 months ago
• nbaertsch / AutoAppDomainHijack
  Automated .NET AppDomain hijack payload generation
  ☆112Updated 2 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆144Updated 4 months ago
• deepinstinct / ShimMe
  ☆121Updated last month
• lem0nSec / KBlast
  Windows Kernel Offensive Toolset
  ☆111Updated last week
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆33Updated 2 months ago
• RtlDallas / vs-shellcode
  ☆55Updated this week
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆139Updated 4 months ago
• WKL-Sec / LayeredSyscall
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆145Updated last month
• OtterHacker / SetProcessInjection
  ☆142Updated 11 months ago
• EvilGreys / Hide-CobaltStrike
  ☆144Updated this week
• blue0x1 / uac-bypass-oneliners
  Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio…
  ☆83Updated 11 months ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆81Updated 7 months ago
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆108Updated 2 months ago
• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆106Updated last month
• decoder-it / TokenStealer
  ☆155Updated 10 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆76Updated 4 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆164Updated 8 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆76Updated 3 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆45Updated 2 months ago