poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)
☆171Aug 13, 2020Updated 5 years ago
Alternatives and similar repositories for cve-2020-1337-poc
Users that are interested in cve-2020-1337-poc are comparing it to the libraries listed below
Sorting:
- CVE-2020-1048 bypass: binary planting PoC☆33Aug 20, 2020Updated 5 years ago
- CVE-2020-1337 Windows Print Spooler Privilege Escalation☆152Dec 15, 2023Updated 2 years ago
- Print Spooler Named Pipe Impersonation for Cobalt Strike☆272Jun 13, 2020Updated 5 years ago
- POC for NetworkService PrivEsc☆130May 4, 2020Updated 5 years ago
- Run Rubeus via Rundll32☆207Apr 25, 2020Updated 5 years ago
- Create a minidump of the LSASS process from memory☆261Nov 2, 2022Updated 3 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆290Aug 7, 2020Updated 5 years ago
- ☆99Sep 20, 2021Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆608Aug 5, 2022Updated 3 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆347Jul 21, 2020Updated 5 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Jul 11, 2020Updated 5 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago
- Loads any C# binary in mem, patching AMSI + ETW.☆844Oct 3, 2021Updated 4 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆617Feb 16, 2023Updated 3 years ago
- My CobaltStrike BOFS☆167Jul 23, 2022Updated 3 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal☆106May 25, 2020Updated 5 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆317Dec 19, 2023Updated 2 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆424Jul 27, 2022Updated 3 years ago
- Windows 10 UAC bypass for all executable files which are autoelevate true .☆641Dec 9, 2019Updated 6 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- Miscellaneous Tools☆270Oct 29, 2020Updated 5 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.☆200Oct 17, 2020Updated 5 years ago
- POC for .NET mssql client for accessing database data through beacon☆64Sep 12, 2023Updated 2 years ago
- Exploit to SYSTEM for CVE-2021-21551☆235May 20, 2021Updated 4 years ago
- SharpDoor is alternative RDPWrap written in C# to allowed multiple RDP (Remote Desktop) sessions by patching termsrv.dll file.☆314Sep 30, 2019Updated 6 years ago
- Windows EoP Bugs☆127Jun 9, 2020Updated 5 years ago
- CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch☆14Aug 11, 2020Updated 5 years ago
- A port of FuzzySecurity's UrbanBishop project for inline shellcode execution☆118Sep 29, 2020Updated 5 years ago
- Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking☆142May 23, 2020Updated 5 years ago