Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)

The Web UI for Antnium

Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.

A C2 framework for initial access in Go

Sleep Obfuscation

CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation

使用WindowsAPI写的一些渗透小工具

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.

Windows API Call Obfuscation

This repository has been moved to https://github.com/kirides/go-d3d

利用NTLM Hash读取Exchange邮件

It's a minifilter used for transparent-encrypting.

Nidhogg is an all-in-one simple to use windows kernel rootkit.

Phantom DLL Hollowing method implemented in modmap

A .NET Framework 4.0 Windows Agent

Monitoring and controlling kernel API calls with stealth hook using EPT

Constexpr hash functions for C++

A tool for converting SysWhispers3 syscalls for use with Nim projects

NanoCore rat stub source code

A WinDbg extension to trace COM interactions

A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC

Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)

Call NtCreateUserProcess directly as normal.

PowerShell MachineAccountQuota and DNS exploit tools

Some Code Samples for Windows based Inter-Process-Communication (IPC)

调用Windows Api，绕过杀软添加用户

PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)

Windows internals and exploitation tricks