passtheticket / CVE-2024-38200View external linksLinks
CVE-2024-38200 & CVE-2024-43609 - Microsoft Office NTLMv2 Disclosure Vulnerability
☆146Jan 13, 2025Updated last year
Alternatives and similar repositories for CVE-2024-38200
Users that are interested in CVE-2024-38200 are comparing it to the libraries listed below
Sorting:
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆259Aug 13, 2024Updated last year
- ☆158Jul 10, 2024Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181May 19, 2025Updated 8 months ago
- Hacking Windows through iTunes - Local Privilege Escalation 0-day☆98Oct 4, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆418Sep 29, 2025Updated 4 months ago
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- Proof of Concept Exploit for CVE-2024-9465☆30Oct 9, 2024Updated last year
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆226Apr 12, 2025Updated 10 months ago
- LPE of CVE-2024-26230☆23Sep 1, 2024Updated last year
- poc for CVE-2024-38063 (RCE in tcpip.sys)☆687Aug 27, 2024Updated last year
- Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE☆200Nov 12, 2024Updated last year
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- ☆22Jul 15, 2023Updated 2 years ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆381Apr 26, 2025Updated 9 months ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆125Dec 2, 2023Updated 2 years ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…☆568May 22, 2025Updated 8 months ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆82Updated this week
- Python implementation of GhostPack's Seatbelt situational awareness tool☆270Nov 12, 2024Updated last year
- ☆282Jul 31, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.☆136Dec 22, 2024Updated last year
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability☆217May 9, 2024Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 3 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- ☆82Apr 9, 2024Updated last year
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)☆79Sep 29, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆212Oct 19, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆635May 8, 2025Updated 9 months ago
- ☆409Dec 8, 2024Updated last year
- Zimbra - Remote Command Execution (CVE-2024-45519)☆135Apr 6, 2025Updated 10 months ago
- LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113☆513Jan 2, 2025Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆273Dec 27, 2024Updated last year
- Nameless C2 - A C2 with all its components written in Rust☆282Sep 26, 2024Updated last year
- ☆125Sep 5, 2024Updated last year
- ☆198Mar 28, 2025Updated 10 months ago
- Leak NTLM via Website tab in teams via MS Office☆78Mar 28, 2024Updated last year
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆121Jan 15, 2025Updated last year