lab52.io's repositories
StopDefender
Stop Windows Defender programmatically
LeakedHandlesFinder
Tool for identifying leaked Windows process handles
StealAllTokens
This PoC uses two different techniques for stealing the primary token from all running processes, showing that it is possible to impersonate and use whatever token is present in any process