Stars
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.
This repo covers some code execution and AV Evasion methods for Macros in Office documents
rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
Python SDK/API for reverse engineered Google Bard
Patch PE, ELF, Mach-O binaries with shellcode. New version in development, available only to sponsors.
Fermion, an electron wrapper for Frida & Monaco.
A library for patching, replacing and decorating .NET and Mono methods during runtime
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
🚀 AI voice cloning: Clone a voice in 5 seconds to generate arbitrary speech in real-time
Run PowerShell with rundll32. Bypass software restrictions.
Malicious Macro Generator
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m…
Self-developed tools for Lateral Movement/Code Execution
🌏 The missing Safari extension that translates selected text into your native language.
Simple (relatively) things allowing you to dig a bit deeper than usual.
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
PowerShell Module for the Antimalware Scan Interface (AMSI)
PoC for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)
collect for learning cases
This repo contains some AMSI bypass methods I found in different blog posts.
YOLO9000: Better, Faster, Stronger - Real-Time Object Detection. 9000 classes!