Marcos Oviedo's repositories
XPEViewer
PE file viewer/editor for Windows, Linux and MacOS.
kernel_callbacks
Bypasses for Windows kernel callbacks PatchGuard protection
Back2TheFuture
Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.
AsmHalosGate
x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks
concealed_position
Bring your own print driver privilege escalation tool
DeployPrinterNightmare
C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
PetitPotam
PetitPotam fork with Kerberos support in the impacket script
CVE-2021-36934
C# PoC for CVE-2021-36934/HiveNightmare/SeriousSAM
byeintegrity-uac
Bypass UAC by hijacking a DLL located in the Native Image Cache
CVE-2021-1675
C# and Impacket implementation of CVE-2021-1675/PrintNightmare
CVE-2021-1675-LPE
Local Privilege Escalation Edition for CVE-2021-1675
exploit_mitigations
Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
stlkrn
C++ STL in the Windows Kernel with C++ Exception Support
speakeasy
Windows kernel and user mode emulation.
Celeborn
Userland API Unhooker Project
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
wowInjector
PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)
W10M_unedited-decomp
Pure Hex-rays Decompiler Psudocode of various Windows 10 Mobile binaries, No edit have been done to the output, you will need to piece together each function, class etc.Provided "as-is"
BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
PPLdump
Dump the memory of a PPL with a userland exploit
pwn--
A (bad) C++17 rewrite of my PwnLib DLL for Windows.
Panda
Panda - is a set of utilities used to research how PsExec encrypts its traffic.
MMFCodeInjection
Code Injection via Memory Mapped Files