m417z / CVE-2023-36003-POC
Privilege escalation using the XAML diagnostics API (CVE-2023-36003)
☆90 · Updated 8 months ago
Related projects:
- ☆125 · Updated 8 months ago
- ☆69 · Updated 11 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism. ☆91 · Updated last year
- Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode... ☆120 · Updated last week
- A POC to disable TamperProtection and other Defender / MDE components ☆169 · Updated 3 months ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe ☆51 · Updated 7 months ago
- Reflective DLL Injection Made Bella ☆170 · Updated last week
- Weaponized HellsGate/SigFlip ☆188 · Updated last year
- A set of programs for analyzing common vulnerabilities in COM ☆94 · Updated last week
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg ☆46 · Updated 6 months ago
- Construct the payload at runtime using an array of offsets ☆59 · Updated 3 months ago
- Automated .NET AppDomain hijack payload generation ☆112 · Updated 2 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W… ☆144 · Updated 4 months ago
- ☆121 · Updated last month
- Windows Kernel Offensive Toolset ☆111 · Updated last week
- ☆33 · Updated 2 months ago
- ☆55 · Updated this week
- PoC for using MS Windows printers for persistence / command and control via Internet Printing ☆139 · Updated 4 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR … ☆145 · Updated last month
- ☆142 · Updated 11 months ago
- ☆144 · Updated this week
- Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio… ☆83 · Updated 11 months ago
- Work, timer, and wait callback example using solely Native Windows APIs. ☆81 · Updated 7 months ago
- random code snippets, useful for getting started ☆108 · Updated 2 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar ☆106 · Updated last month
- ☆155 · Updated 10 months ago
- Just another C2 Redirector using CloudFlare. ☆76 · Updated 4 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. ☆164 · Updated 8 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆76 · Updated 3 months ago
- This is a way to load a shellcode, and obfuscate it, so it avoids scantime detection. ☆45 · Updated 2 months ago