Lucene search
K

6 matches found

Kitploit
Kitploit
added 2023/10/12 6:55 p.m.34 views

RecycledInjector - Native Syscalls Shellcode Injector

Currently Fully Undetected same-process native/.NET assembly shellcode injector based on RecycledGate by thefLink, which is also based on HellsGate + HalosGate + TartarusGate to ensure undetectable native syscalls even if one technique fails. To remain stealthy and keep entropy on the final...

7.3AI score
Exploits0References4
The Hacker News
The Hacker News
added 2022/10/07 6:52 a.m.332 views

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver BYOVD attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security...

7.8CVSS8.5AI score0.18188EPSS
Exploits8
GithubExploit
GithubExploit
added 2022/05/30 6:17 p.m.223 views

Exploit for CVE-2022-30190

POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina...

9.3CVSS8.4AI score0.99374EPSS
Exploits91
Kitploit
Kitploit
added 2022/04/16 12:30 p.m.161 views

EDRSandblast - Tool That Weaponize A Vulnerable Signed Driver To Bypass EDR Detections And LSASS Protections

EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections Kernel callbacks and ETW TI provider and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring. As of release, combination of userland...

7.8CVSS7.6AI score0.18188EPSS
Exploits5References8
Kitploit
Kitploit
added 2022/04/15 9:30 p.m.30 views

Shhhloader - SysWhispers Shellcode Loader

Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that has been integrated with SysWhispers in order to bypass AV/EDR. The included python builder will work on any Linux system that has Mingw-w64 installed. T...

8.1AI score
Exploits0References9
Kitploit
Kitploit
added 2021/02/25 8:30 p.m.263 views

ScareCrow - Payload Creation Framework Designed Around EDR Bypass

If you want to learn more about the techniques utlized in this framework please take a look at Part 1 and Part 2 Description ScareCrow is a payload creation framework for generating loaders for the use of side loading not injection into a legitimate Windows process bypassing Application...

7.5AI score
Exploits0References3
Rows per page
Query Builder