sec-consult / msiscanLinks
Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
☆124Updated 11 months ago
Alternatives and similar repositories for msiscan
Users that are interested in msiscan are comparing it to the libraries listed below
Sorting:
- Python3 rewrite of AsOutsider features of AADInternals☆54Updated last month
- ☆89Updated 3 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆120Updated last year
- Decrypt GlobalProtect configuration and cookie files.☆150Updated 11 months ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- ☆133Updated 6 months ago
- ☆79Updated last year
- ☆112Updated 9 months ago
- Sniffing files generator☆59Updated 6 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- Find DLLs with RWX section☆81Updated 2 years ago
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆65Updated 8 months ago
- PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy☆35Updated last year
- Golang search engine scraper intended for identification of published ClickOnce deployments☆83Updated 9 months ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆38Updated 5 months ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆145Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- ☆42Updated last year
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated 3 months ago
- ☆76Updated last year
- Local & remote Windows DLL Proxying☆165Updated last year
- bbs is a router for SOCKS and HTTP proxies. It exposes a SOCKS5 (or HTTP CONNECT) service and forwards incoming requests to proxies or ch…☆90Updated 2 months ago
- Blog/Journal on how to backdoor VSCode extensions☆73Updated last month
- Rusty Impersonate☆101Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆86Updated 2 years ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆119Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆86Updated last month
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆106Updated 2 years ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆119Updated last year