m417z / CVE-2023-36003-POC

Related projects ⓘ

Alternatives and complementary repositories for CVE-2023-36003-POC

• Wh04m1001 / CVE-2024-20656
  ☆132Updated 10 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆91Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆141Updated last week
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆47Updated 8 months ago
• lsecqt / ThreadlessInject-C-Implementation
  This repository implements Threadless Injection in C
  ☆154Updated 10 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆46Updated 3 months ago
• duck-sec / CVE-2023-28252-Compiled-exe
  A modification to fortra's CVE-2023-28252 exploit, compiled to exe
  ☆52Updated 9 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆171Updated 10 months ago
• OtterHacker / SetProcessInjection
  ☆142Updated last year
• oldboy21 / RflDllOb
  Reflective DLL Injection Made Bella
  ☆200Updated last month
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆33Updated 4 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• deepinstinct / ShimMe
  ☆124Updated 3 weeks ago
• Wh04m1001 / CVE-2023-36723
  ☆68Updated last year
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆58Updated 5 months ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆186Updated 5 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆143Updated 6 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆75Updated last year
• lem0nSec / KBlast
  Windows Kernel Offensive Toolset
  ☆113Updated 2 months ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆108Updated last month
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆83Updated 9 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆82Updated 5 months ago
• ZERODETECTION / MSC_Dropper
  ☆126Updated 3 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆154Updated 2 months ago
• passtheticket / CVE-2024-38200
  CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability
  ☆129Updated last month
• nocerainfosec / TakeMyRDP2.0
  An updated version of keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard in…
  ☆103Updated last year
• 0xv1n / RemoteSessionEnum
  Remotely Enumerate sessions using undocumented Windows Station APIs
  ☆109Updated 3 months ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆278Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆112Updated last week
• nbaertsch / AutoAppDomainHijack
  Automated .NET AppDomain hijack payload generation
  ☆113Updated 4 months ago