xforcered / Windows_LPE_AFD_CVE-2023-21768

Related projects ⓘ

Alternatives and complementary repositories for Windows_LPE_AFD_CVE-2023-21768

• chompie1337 / Windows_LPE_AFD_CVE-2023-21768
  LPE exploit for CVE-2023-21768
  ☆482Updated last year
• trickster0 / TartarusGate
  TartarusGate, Bypassing EDRs
  ☆533Updated 2 years ago
• daem0nc0re / PrivFu
  Kernel mode WinDbg extension and PoCs for token privilege investigation.
  ☆815Updated this week
• kyleavery / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆879Updated 5 months ago
• vu-ls / Crassus
  ☆566Updated last week
• binderlabs / DirCreate2System
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆359Updated last year
• fortra / CVE-2023-28252
  ☆173Updated last year
• gabriellandau / PPLFault
  ☆506Updated 8 months ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆621Updated last year
• varwara / CVE-2024-26229
  CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
  ☆319Updated 4 months ago
• antonioCoco / SspiUacBypass
  Bypassing UAC with SSPI Datagram Contexts
  ☆412Updated last year
• ycdxsb / WindowsPrivilegeEscalation
  Collection of Windows Privilege Escalation (Analyse/PoC/Exploit)
  ☆320Updated this week
• reveng007 / DarkWidow
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆560Updated last month
• capt-meelo / laZzzy
  laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
  ☆460Updated last year
• Wra7h / FlavorTown
  Various ways to execute shellcode
  ☆475Updated 8 months ago
• wh0amitz / KRBUACBypass
  UAC Bypass By Abusing Kerberos Tickets
  ☆480Updated last year
• MalwareTech / EDR-Preloader
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆454Updated 9 months ago
• hacksysteam / CVE-2023-21608
  Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
  ☆267Updated 11 months ago
• Helixo32 / CrimsonEDR
  Simulate the behavior of AV/EDR for malware development training.
  ☆455Updated 9 months ago
• tastypepperoni / PPLBlade
  Protected Process Dumper Tool
  ☆520Updated last year
• Xre0uS / MultiDump
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆492Updated 3 months ago
• ZeroMemoryEx / Terminator
  Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
  ☆927Updated last year
• icyguider / UAC-BOF-Bonanza
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆408Updated 8 months ago
• redteamsocietegenerale / DLLirant
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆478Updated last year
• REDMED-X / OperatorsKit
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆540Updated 4 months ago
• g3tsyst3m / elevationstation
  elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative
  ☆348Updated last year
• vxCrypt0r / Voidgate
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆469Updated 5 months ago
• zer0condition / mhydeath
  Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
  ☆383Updated last year
• Meowmycks / LetMeowIn
  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
  ☆377Updated 4 months ago