tyranid / DeviceGuardBypasses
A repository of some of my Windows 10 Device Guard Bypasses
☆135Updated 7 years ago
Alternatives and similar repositories for DeviceGuardBypasses:
Users that are interested in DeviceGuardBypasses are comparing it to the libraries listed below
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆96Updated 7 years ago
- ☆228Updated 6 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆75Updated 6 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆90Updated 10 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆150Updated 5 years ago
- Workshop material for a Windows Attack Surface Analysis Workshop☆67Updated 5 years ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆214Updated 4 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆93Updated 6 years ago
- ☆140Updated 7 years ago
- UAC Bypass with mmc via alpc☆156Updated 5 years ago
- VBS Reversed TCP Meterpreter Stager☆86Updated 7 years ago
- PoC dlls for Task Scheduler COM Hijacking☆92Updated 8 years ago
- CVE-2018-8440 standalone exploit☆79Updated 6 years ago
- ☆51Updated 8 years ago
- HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass☆61Updated 7 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 3 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆74Updated 5 years ago
- MS17-012 - COM Session Moniker EoP Exploit running within MSBuild.exe☆59Updated 8 years ago
- ☆109Updated 6 years ago
- ☆84Updated 9 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆145Updated 5 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Updated last month
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆156Updated 5 years ago
- ☆27Updated 8 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆95Updated 7 years ago
- Python solutions for the HackSysTeam Extreme Vulnerable Driver☆151Updated 4 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆165Updated 7 years ago