kevin worst's repositories
VectorKernel
PoCs for Kernel-mode rootkit techniques research.
deoptimizer
Machine code de-optimizer.
DojoLoader
Generic PE loader for fast prototyping evasion techniques
SharpIncrease
Evade Everything
CVE-2024-26229
CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
CVE-2024-26229-BOF
BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel
CVE-2024-29824
Ivanti EPM SQL Injection Remote Code Execution Vulnerability
CVE-2024-29849
Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)
CVE-2024-29943
A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE
CVE-2024-4885
Exploit for CVE-2024-4885
EDRPrison
Leverage a legitimate driver to silence EDR
HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
HEVD Exploit (Windows 10 22H2): BufferOverflowNonPagedPoolNx - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
IAT-Tracer
An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (.tag) files.
Invoke-DumpMDEConfig
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required)
msi_installed_search
Just a C++ version of msi_search, which is useful for third-party Windows installer EoPs
RdpStrike
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
RflDllOb
Reflective DLL Injection - M++
ruler
A tool to abuse Exchange services
ScriptBlock-Smuggling
Example code samples from our ScriptBlock Smuggling Blog post
securitylab
Resources related to GitHub Security Lab
SteppingStones
A Red Team Activity Hub