decoder-it's repositories
psgetsystem
getsystem via parent process using ps1 & embedded C#
powershellveryless
Constrained Language Mode + AMSI bypass all in one
NetworkServiceExploit
POC for NetworkService PrivEsc
whoami-priv-Hackinparis2019
Slides from my talk in "Hackinparis" 2019 edition
juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from Windows Service Accounts to NT AUTHORITY\SYSTEM.
pipeserverimpersonate
named pipe server with impersonation
Hyper-V-admin-EOP
Small POC in PowerShell exploiting hardlinks during the VM deletion process
whoami-priv
Slides from my talk "whoami /priv" at Romhack 2018
DFSCoerce-exe-2
DFSCoerce exe revisited version with custom authentication
diaghub_exploit
Simplified version of Forshaw's Diaghub Collector Exploit
bluehatil22
Slides from our talk at BH IL 2022
lonelypotato
Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato
hacktivity2019
Slides from my presentation at Budapest
JuicyPotatoNG
Another Windows Local Privilege Escalation from Service Account to System
PSKernel-Primitives
Exploit primitives for PowerShell
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
RoguePotato
Another Windows Local Privilege Escalation from Service Account to System