sailay1996/awesome_windows_logical_bugs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sailay1996/awesome_windows_logical_bugs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sailay1996/awesome_windows_logical_bugs)

Close

sailay1996 / awesome_windows_logical_bugsView on GitHubMore

• External links
• Readme badge

collect for learning cases

☆595Apr 12, 2026Updated last month

Alternatives and similar repositories for awesome_windows_logical_bugs

Users that are interested in awesome_windows_logical_bugs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• googleprojectzero / symboliclink-testing-tools

  View on GitHub
  ☆852Dec 13, 2022Updated 3 years ago
• sailay1996 / WerTrigger

  View on GitHub
  Weaponizing for privileged file writes bugs with windows problem reporting
  ☆254May 10, 2022Updated 4 years ago
• tyranid / WindowsRpcClients

  View on GitHub
  This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…
  ☆286May 14, 2020Updated 6 years ago
• gdabah / win32k-bugs

  View on GitHub
  Dump of win32k POCs for bugs I've found
  ☆378Mar 6, 2022Updated 4 years ago
• yeyintminthuhtut / Awesome-Advanced-Windows-Exploitation-References

  View on GitHub
  List of Awesome Advanced Windows Exploitation References
  ☆1,562Jan 13, 2022Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• FULLSHADE / WindowsExploitationResources

  View on GitHub
  Resources for Windows exploit development
  ☆1,654Dec 20, 2021Updated 4 years ago
• sailay1996 / UAC_Bypass_In_The_Wild

  View on GitHub
  Windows 10 UAC bypass for all executable files which are autoelevate true .
  ☆639Dec 9, 2019Updated 6 years ago
• tyranid / windows-logical-eop-workshop

  View on GitHub
  ☆233Sep 10, 2017Updated 8 years ago
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆365Dec 19, 2022Updated 3 years ago
• jthuraisamy / SysWhispers

  View on GitHub
  AV/EDR evasion via direct system calls.
  ☆2,013Jan 1, 2023Updated 3 years ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,457Dec 18, 2022Updated 3 years ago
• itm4n / UsoDllLoader

  View on GitHub
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆406Jun 6, 2020Updated 5 years ago
• CCob / SharpBlock

  View on GitHub
  A method of bypassing EDR's active projection DLL's by preventing entry point exection
  ☆1,166Mar 31, 2021Updated 5 years ago
• itm4n / Perfusion

  View on GitHub
  Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
  ☆426Apr 22, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• CCob / SweetPotato

  View on GitHub
  Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
  ☆1,820Sep 4, 2024Updated last year
• monoxgas / Koppeling

  View on GitHub
  Adaptive DLL hijacking / dynamic export forwarding
  ☆818Jul 6, 2020Updated 5 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,293Nov 6, 2025Updated 6 months ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,638Jul 10, 2023Updated 2 years ago
• ReversecLabs / physmem2profit

  View on GitHub
  Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
  ☆424Jul 27, 2022Updated 3 years ago
• FuzzySecurity / Sharp-Suite

  View on GitHub
  Also known by Microsoft as Knifecoat
  ☆1,145Dec 22, 2022Updated 3 years ago
• outflanknl / Dumpert

  View on GitHub
  LSASS memory dumper using direct system calls and API unhooking.
  ☆1,583Jan 5, 2021Updated 5 years ago
• ethereal-vx / Antivirus-Artifacts

  View on GitHub
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆760Nov 16, 2021Updated 4 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆995Dec 4, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• LloydLabs / delete-self-poc

  View on GitHub
  A way to delete a locked file, or current running executable, on disk.
  ☆620Nov 5, 2025Updated 6 months ago
• irsl / CVE-2020-1313

  View on GitHub
  Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability
  ☆124Jul 30, 2020Updated 5 years ago
• ionescu007 / faxhell

  View on GitHub
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆334May 3, 2020Updated 6 years ago
• hugsy / defcon_27_windbg_workshop

  View on GitHub
  DEFCON 27 workshop - Modern Debugging with WinDbg Preview
  ☆747Nov 1, 2024Updated last year
• antonioCoco / Mapping-Injection

  View on GitHub
  Just another Windows Process Injection
  ☆409Aug 7, 2020Updated 5 years ago
• sailay1996 / delete2SYSTEM

  View on GitHub
  Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
  ☆124Aug 25, 2020Updated 5 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 6 years ago
• sailay1996 / magnifier0day

  View on GitHub
  Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking
  ☆142May 23, 2020Updated 6 years ago
• xairy / vmware-exploitation

  View on GitHub
  A collection of links related to VMware escape exploits
  ☆1,491Sep 4, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• antonioCoco / RoguePotato

  View on GitHub
  Another Windows Local Privilege Escalation from Service Account to System
  ☆1,170Jan 9, 2021Updated 5 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆893Jul 24, 2022Updated 3 years ago
• joshfaust / Alaris

  View on GitHub
  A protective and Low Level Shellcode Loader that defeats modern EDR systems.
  ☆916Mar 20, 2024Updated 2 years ago
• thefLink / RecycledGate

  View on GitHub
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆507Feb 3, 2022Updated 4 years ago
• Mr-Un1k0d3r / RedTeamCSharpScripts

  View on GitHub
  C# Script used for Red Team
  ☆721Nov 16, 2021Updated 4 years ago
• phra / PEzor

  View on GitHub
  Open-Source Shellcode & PE Packer
  ☆2,105Feb 3, 2024Updated 2 years ago
• waleedassar / RestrictedKernelLeaks

  View on GitHub
  ☆165Sep 18, 2021Updated 4 years ago