ycdxsb / WindowsPrivilegeEscalation
Collection of Windows Privilege Escalation (Analyse/PoC/Exploit)
☆382Updated 4 months ago
Alternatives and similar repositories for WindowsPrivilegeEscalation:
Users that are interested in WindowsPrivilegeEscalation are comparing it to the libraries listed below
- LPE exploit for CVE-2023-21768☆486Updated last year
- Kernel mode WinDbg extension and PoCs for token privilege investigation.☆847Updated 2 months ago
- Another Windows Local Privilege Escalation from Service Account to System☆843Updated 2 years ago
- bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)☆540Updated 9 months ago
- LPE exploit for CVE-2023-21768☆417Updated 2 years ago
- ☆195Updated 3 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆921Updated 10 months ago
- ☆750Updated last year
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆469Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆632Updated 2 years ago
- Leaked Windows processes handles identification tool☆286Updated 3 years ago
- TartarusGate, Bypassing EDRs☆579Updated 3 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆1,308Updated last year
- A Highly capable Pe Packer☆697Updated 2 years ago
- ☆178Updated last year
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios.☆699Updated 2 months ago
- ☆314Updated 2 years ago
- ☆327Updated 10 months ago
- ☆524Updated last year
- Alternative Shellcode Execution Via Callbacks☆1,549Updated 2 years ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.☆1,407Updated 8 months ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆655Updated last year
- Various ways to execute shellcode☆487Updated last year
- Syscall Shellcode Loader (Work in Progress)☆1,181Updated 11 months ago
- Bypassing UAC with SSPI Datagram Contexts☆432Updated last year
- A protective and Low Level Shellcode Loader that defeats modern EDR systems.☆901Updated last year
- Sleep Obfuscation☆739Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆669Updated last month
- A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) wit…☆518Updated 2 months ago
- Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit☆271Updated last year