Exploit Blizzard's repositories
Asmodeus-stealer
The malware is un-killable and fully undetectable by antivirus, developed by Kingsman. It steals the browser passwords, Discord Tokens & Telegram data and sends it to drop-box using dropbox-Api
WindowsMDM-LPE-0Day
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day
UAC-Bypass
Bypassing windows uac, however its an old approach/method but its still unpatched ¯\_(ツ)_/¯
Windows-Privilege-Escalation-CVE-2021-1732
Read my blog for more info -
Syscall-Example
Using syscall to load shellcode, Evasion techniques
Evil-Browser
Exfiltrating "google account password" and "android cookies" made easy with evil browser. Checkout YouTube : https://youtu.be/pvuT0m4QUbU
website-templates
150+ Website Templates
iSCSI-UAC-Bypass
Abusing autoElevate - Fully Undetectable UAC Bypass exploit
AutoExecute
Download & Executes Exe Automatically
CVE-2021-36934
HiveNightmare aka SeriousSAM
GhostInHTML
Visit Youtube: https://youtu.be/ozjyrSS4jWo
PrintNightmare-CVE-2021-1675
Youtube : https://youtu.be/Zr0KjYDSFKQ
CVE-2020-14882-WebLogic
Check YouTube - https://youtu.be/O0ZnLXRY5Wo
.NET-Loader
A simple PowerShell crypter
Dirty-Pipe-Compiled
For more info YouTube :
wstg
The OWASP Web Security Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
exploitblizzard
Config files for my GitHub profile.
Linux-reverse-shell
A simple and stable linux reverse shell written in Golang
NamedPipePTH
Pass the Hash to a named pipe for token Impersonation