594 matches found
Exploit for Use After Free in Microsoft
CVE-2026-42978 PoC & Research Windows Push Notificatio...
Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum
When Open Source is a bit too Open Several fun modules landed this week, including an Apache RCE, Windows Kernel pointer collection, and Gogs RCE via naming. Leading off is Gogs' RCE that allows an attacker to execute commands by naming their branch --exec and requesting a rebase. Another useful...
Windows Kernel Pointer Exposure Enumerator
This module enumerates kernel object pointers exposed via NtQuerySystemInformation with SystemExtendedHandleInformation. It categorizes exposed pointers by object type and provides observational data about kernel address space layout for research and educational purposes. Module Options msf use...
PhantomRPC: A new privilege escalation technique in Windows RPC
Intro: Windows Interprocess Communication (IPC) is one of the most complex technologies within the Windows operating system. At the core of this ecosystem is the Remote Procedure Call (RPC) mechanism, which can function as a standalone communication channel or as the underlying transport layer for mor...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
SCTT-2026-33-0002: DWM Visual-Field Singularity 📡 Theoret...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
CTT-Memory-Vortex-20805 This script utilizes the \alpha=0.030...
About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability
About Information Disclosure - Desktop Window Manager (CVE-2026-20805) vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft
CVE-2026-20805-PoC The PoC of information disclosure in Micros...
Exploit for CVE-2026-20805
CVE-2026-20805 PoC Proof of concept for the vulnerability...
Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited
Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities...
Patch Tuesday - January 2026
Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of...
Microsoft and Adobe Patch Tuesday, January 2026 Security Update Review
Starting the year on a security-first note, Microsoft's January 2026 Patch Tuesday resolves several vulnerabilities that could impact enterprise environments. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for January 2026 This month's release addresses 115...
CVE-2026-20817
creationtimestamp | type | source
---|---|---
2026-01-13 18:01:16+00:00 | seen | https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review
2026-01-13 18:16:30+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007
2026-02-10 10:09:30+00:00 | seen |...
PT-2026-2667
Name of the Vulnerable Software and Affected Versions: Windows Error Reporting versions prior to January 2026. Description: Improper handling of permissions in the Windows Error Reporting (WER) service allows an authorized local attacker to elevate privileges to NT AUTHORITY\SYSTEM. The issue exists in...
Exploit for Code Injection in Microsoft
Reverse Shell-able Exploit POCs Sharing the list of Windows e...
Yet another DCOM object for lateral movement
Introduction If you're a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects. Over the years, many different DCOM objects have been...
winlow
Windows Internals & Exploitation A concise, practical referen...
CVE-2023-27469
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...