Disable Windows Defender: UAC Bypass + Upgrade to SYSTEM
Disable Windows Defender Privilege tokens are permissions given by the system to a process. For example, if a process has a “SeShutdownPrivilege” token, then it has the right to turn...
Disable Windows Defender Privilege tokens are permissions given by the system to a process. For example, if a process has a “SeShutdownPrivilege” token, then it has the right to turn...
Defense / Vulnerability Analysis
by do son · Published February 10, 2024 · Last modified December 16, 2024
Hardening Meter HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems. Its robust capabilities include thorough checks of various binary exploitation...
Honeyscanner – A vulnerability analyzer for Honeypots Honeyscanner is a vulnerability analyzer for honeypots designed to automatically attack a given honeypot, in order to determine if the honeypot is vulnerable...
Frameless BITB A new approach to Browser In The Browser (BITB) without the use of iframes, allows the bypass of traditional framebusters implemented by login pages like Microsoft. This POC...
SOAPHound SOAPHound is a .NET data collector tool, which collects Active Directory data via the Active Directory Web Services (ADWS) protocol. SOAPHound is an alternative to several open-source security tools...
ADOKit Azure DevOps Services Attack Toolkit – ADOKit is a toolkit that can be used to attack Azure DevOps Services by taking advantage of the available REST API. The tool...
Cookie-Monster Steal browser cookies for Edge, Chrome, and Firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the...
LOLSpoof LOLSpoof is an interactive shell program that automatically spoofs the command line arguments of the spawned process. Just call your incriminate-looking command line LOLBin (e.g. powershell -w hidden -enc...
IOCTLance Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool that enhances its capacity to detect various vulnerability...
Docker Remote API Scanner and Exploit This repository contains a Docker Remote API Scanner and Exploit tool designed for educational and research purposes. It enables users to perform security assessments...
Maldev Academy – RemoteTLSCallbackInjection This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not...
AngryOxide AngryOxide was developed as a way to learn Rust, netlink, kernel sockets, and WiFi exploitation all at once. The overall goal of this tool is to provide a single-interface...
NovaLdr NovaLdr is a Threadless Module Stomping written in Rust, designed as a learning project while exploring the world of malware development. It uses advanced techniques like indirect syscalls and...
SBSCAN SBSCAN is a penetration testing tool specifically designed for the Spring framework, capable of scanning specified sites for Spring Boot sensitive information and verifying related Spring vulnerabilities. Most Comprehensive...
avred AntiVirus REDucer for AntiVirus REDteaming. Avred is being used to identify which parts of a file are identified by an Antivirus and tries to show as much possible information...