sailay1996/awesome_windows_logical_bugs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sailay1996/awesome_windows_logical_bugs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sailay1996/awesome_windows_logical_bugs)

Close

sailay1996 / awesome_windows_logical_bugsView on GitHubMore

• External links
• Readme badge

collect for learning cases

☆593Apr 12, 2026Updated this week

Alternatives and similar repositories for awesome_windows_logical_bugs

Users that are interested in awesome_windows_logical_bugs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• googleprojectzero / symboliclink-testing-tools

  View on GitHub
  ☆849Dec 13, 2022Updated 3 years ago
• sailay1996 / WerTrigger

  View on GitHub
  Weaponizing for privileged file writes bugs with windows problem reporting
  ☆249May 10, 2022Updated 3 years ago
• tyranid / WindowsRpcClients

  View on GitHub
  This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…
  ☆285May 14, 2020Updated 5 years ago
• gdabah / win32k-bugs

  View on GitHub
  Dump of win32k POCs for bugs I've found
  ☆380Mar 6, 2022Updated 4 years ago
• yeyintminthuhtut / Awesome-Advanced-Windows-Exploitation-References

  View on GitHub
  List of Awesome Advanced Windows Exploitation References
  ☆1,557Jan 13, 2022Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• sailay1996 / UAC_Bypass_In_The_Wild

  View on GitHub
  Windows 10 UAC bypass for all executable files which are autoelevate true .
  ☆641Dec 9, 2019Updated 6 years ago
• FULLSHADE / WindowsExploitationResources

  View on GitHub
  Resources for Windows exploit development
  ☆1,650Dec 20, 2021Updated 4 years ago
• tyranid / windows-logical-eop-workshop

  View on GitHub
  ☆234Sep 10, 2017Updated 8 years ago
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆363Dec 19, 2022Updated 3 years ago
• jthuraisamy / SysWhispers

  View on GitHub
  AV/EDR evasion via direct system calls.
  ☆2,003Jan 1, 2023Updated 3 years ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,455Dec 18, 2022Updated 3 years ago
• itm4n / UsoDllLoader

  View on GitHub
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆406Jun 6, 2020Updated 5 years ago
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,166Mar 31, 2021Updated 5 years ago
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,818Sep 4, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• itm4n / Perfusion

  View on GitHub
  Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
  ☆426Apr 22, 2021Updated 4 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,279Nov 6, 2025Updated 5 months ago
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆812Jul 6, 2020Updated 5 years ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,619Jul 10, 2023Updated 2 years ago
• FuzzySecurity / Sharp-Suite

  View on GitHub
  Also known by Microsoft as Knifecoat
  ☆1,150Dec 22, 2022Updated 3 years ago
• ReversecLabs / physmem2profit

  View on GitHub
  Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
  ☆424Jul 27, 2022Updated 3 years ago
• outflanknl / Dumpert

  View on GitHub
  LSASS memory dumper using direct system calls and API unhooking.
  ☆1,581Jan 5, 2021Updated 5 years ago
• ethereal-vx / Antivirus-Artifacts

  View on GitHub
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆759Nov 16, 2021Updated 4 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆992Dec 4, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• LloydLabs / delete-self-poc

  View on GitHub
  A way to delete a locked file, or current running executable, on disk.
  ☆619Nov 5, 2025Updated 5 months ago
• irsl / CVE-2020-1313

  View on GitHub
  Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
  ☆124Jul 30, 2020Updated 5 years ago
• ionescu007 / faxhell

  View on GitHub
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆332May 3, 2020Updated 5 years ago
• hugsy / defcon_27_windbg_workshop

  View on GitHub
  DEFCON 27 workshop - Modern Debugging with WinDbg Preview
  ☆745Nov 1, 2024Updated last year
• antonioCoco / Mapping-Injection

  View on GitHub
  Just another Windows Process Injection
  ☆409Aug 7, 2020Updated 5 years ago
• sailay1996 / delete2SYSTEM

  View on GitHub
  Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
  ☆124Aug 25, 2020Updated 5 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 6 years ago
• sailay1996 / magnifier0day

  View on GitHub
  Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking
  ☆142May 23, 2020Updated 5 years ago
• xairy / vmware-exploitation

  View on GitHub
  A collection of links related to VMware escape exploits
  ☆1,493Sep 4, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,166Jan 9, 2021Updated 5 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆890Jul 24, 2022Updated 3 years ago
• joshfaust / Alaris

  View on GitHub
  A protective and Low Level Shellcode Loader that defeats modern EDR systems.
  ☆916Mar 20, 2024Updated 2 years ago
• thefLink / RecycledGate

  View on GitHub
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆502Feb 3, 2022Updated 4 years ago
• Mr-Un1k0d3r / RedTeamCSharpScripts

  View on GitHub
  C# Script used for Red Team
  ☆722Nov 16, 2021Updated 4 years ago
• phra / PEzor

  View on GitHub
  Open-Source Shellcode & PE Packer
  ☆2,087Feb 3, 2024Updated 2 years ago
• waleedassar / RestrictedKernelLeaks

  View on GitHub
  ☆165Sep 18, 2021Updated 4 years ago