sensepost / bloatware-pwnView external linksLinks
LPE / RCE Exploits for various vulnerable "Bloatware" products
☆84Aug 5, 2025Updated 6 months ago
Alternatives and similar repositories for bloatware-pwn
Users that are interested in bloatware-pwn are comparing it to the libraries listed below
Sorting:
- ForsHops☆59Mar 25, 2025Updated 10 months ago
- Repository for the DEF CON 33 talk: Kill Chain Reloaded☆79Aug 3, 2025Updated 6 months ago
- ☆64May 31, 2024Updated last year
- ☆102Sep 5, 2024Updated last year
- A cmake template for crystal palace☆38Dec 20, 2025Updated last month
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆16Sep 15, 2023Updated 2 years ago
- RPC to WebClient startup☆55Aug 19, 2025Updated 5 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆97Dec 22, 2025Updated last month
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆257Sep 23, 2025Updated 4 months ago
- Mentally ill EtwTi parser☆66Jan 11, 2026Updated last month
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication. Generates individual CSV files and a single XSLX rep…☆24Updated this week
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆19Dec 23, 2025Updated last month
- A set of programs for analyzing common vulnerabilities in COM☆245Sep 8, 2024Updated last year
- adws enumeration bof☆162Oct 2, 2025Updated 4 months ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 8 months ago
- ☆58Jul 31, 2025Updated 6 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆85Oct 20, 2025Updated 3 months ago
- ☆113Oct 10, 2022Updated 3 years ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆273Dec 27, 2024Updated last year
- Playing with packets in C#☆14Aug 16, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- ECC Public Key Cryptography☆37Oct 29, 2023Updated 2 years ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆165Sep 22, 2025Updated 4 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆204Aug 21, 2025Updated 5 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆29Jun 9, 2025Updated 8 months ago
- Windows protocol library, including SMB and RPC implementations, among others.☆614Jan 21, 2026Updated 3 weeks ago
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- An App Domain Manager Injection DLL PoC on steroids☆210Dec 14, 2023Updated 2 years ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 3 months ago
- AppLocker-Based EDR Neutralization☆289Dec 19, 2025Updated last month
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆184Mar 14, 2025Updated 11 months ago
- ☆86Jan 21, 2025Updated last year
- Generate Proxy DLLs in Rust☆47Sep 2, 2025Updated 5 months ago
- Hide your P/Invoke signatures through other people's signed assemblies☆211Mar 10, 2024Updated last year