sevagas / WindowsDefender_ASR_Bypass-OffensiveCon2019View external linksLinks
Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.
☆94Feb 24, 2019Updated 6 years ago
Alternatives and similar repositories for WindowsDefender_ASR_Bypass-OffensiveCon2019
Users that are interested in WindowsDefender_ASR_Bypass-OffensiveCon2019 are comparing it to the libraries listed below
Sorting:
- Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)☆267Dec 19, 2019Updated 6 years ago
- PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)☆40Jul 9, 2019Updated 6 years ago
- exploit termdd.sys(support kb4499175)☆61Jul 15, 2019Updated 6 years ago
- A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.☆59Jun 11, 2019Updated 6 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 6 years ago
- Slide deck for DefCon Beijing☆39May 15, 2018Updated 7 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- Code injection via delay load libraries☆36Sep 20, 2017Updated 8 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- Windows 10 RS2/RS3 exploitation primitives based on the OffensiveCon 2018 talk☆57Feb 27, 2018Updated 7 years ago
- PoC for Foxit Reader CVE-2018-14442☆58Dec 28, 2018Updated 7 years ago
- PoC for CVE-2017-0075☆37Sep 12, 2019Updated 6 years ago
- The exploit for Panda AV LPE☆37May 22, 2019Updated 6 years ago
- ☆92Apr 17, 2021Updated 4 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- Small tool to load shellcodes or PEs to analyze them☆83May 16, 2018Updated 7 years ago
- cve-2019-0808-poc☆48Mar 25, 2019Updated 6 years ago
- CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation☆83Mar 13, 2019Updated 6 years ago
- Local privilege escalation PoC exploit for CVE-2019-16098☆200Sep 13, 2019Updated 6 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆53Apr 29, 2018Updated 7 years ago
- Proof of concept of VMSA-2017-0012☆41Jul 27, 2017Updated 8 years ago
- ☆54Aug 13, 2018Updated 7 years ago
- Playing around with token manipulation in C#.☆29Nov 6, 2019Updated 6 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Jan 23, 2018Updated 8 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Jun 10, 2019Updated 6 years ago
- An example of how x64 kernel shellcode can dynamically find and use APIs☆104May 14, 2020Updated 5 years ago
- Reverse engineered source code of the autochk rootkit☆208Nov 1, 2019Updated 6 years ago
- SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.☆93Feb 15, 2021Updated 4 years ago
- crash poc & Leak info PoC☆18Mar 19, 2018Updated 7 years ago
- Miscellaneous PowerShell scripts for red team activities☆16Jan 15, 2026Updated 3 weeks ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Aug 8, 2018Updated 7 years ago
- ☆127Apr 8, 2019Updated 6 years ago
- Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition☆22May 24, 2019Updated 6 years ago
- 驱动层拦截web访问源码☆30Apr 2, 2018Updated 7 years ago
- ☆164May 18, 2018Updated 7 years ago
- Retrieve pointers to undocumented kernel functions and offsets to members within undocumented structures to use in your driver by using t…☆64Jun 19, 2019Updated 6 years ago
- ☆37Aug 18, 2019Updated 6 years ago