tyranid / DeviceGuardBypassesLinks
A repository of some of my Windows 10 Device Guard Bypasses
☆137Updated 7 years ago
Alternatives and similar repositories for DeviceGuardBypasses
Users that are interested in DeviceGuardBypasses are comparing it to the libraries listed below
Sorting:
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆91Updated 10 years ago
- ☆229Updated 7 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆151Updated 6 years ago
- VBS Reversed TCP Meterpreter Stager☆87Updated 8 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- ☆141Updated 8 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆216Updated 4 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆76Updated 6 years ago
- PoC dlls for Task Scheduler COM Hijacking☆94Updated 8 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆93Updated 6 years ago
- ☆83Updated 9 years ago
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆96Updated 7 years ago
- MS17-012 - COM Session Moniker EoP Exploit running within MSBuild.exe☆59Updated 8 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆146Updated 5 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 4 years ago
- HackSys Extreme Vulnerable Driver - Windows 10 x64 StackOverflow Exploit with SMEP Bypass☆62Updated 7 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆96Updated 7 years ago
- UAC 0Day all day!☆57Updated 7 years ago
- An exploit for CVE-2016-7255 on Windows 7/8/8.1/10(pre-anniversary) 64 bit☆81Updated 8 years ago
- Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service☆85Updated 5 years ago
- ☆63Updated 9 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆104Updated 7 years ago
- Proxy system calls over an RPC channel☆98Updated 3 years ago
- PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service☆109Updated 6 years ago
- Workshop material for a Windows Attack Surface Analysis Workshop☆67Updated 6 years ago
- Generates anti-sandbox analysis HTA files without payloads☆119Updated 8 years ago
- Shim database persistence (Fin7 TTP)☆37Updated 5 years ago
- UAC Bypass with mmc via alpc☆156Updated 6 years ago
- a tool to make it easy and fast to test various forms of injection☆173Updated 6 years ago