CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3098 matches found

The Coalfire Blog•added 2018/06/26 8:8 p.m.•53 views

Executing Meterpreter on Windows 10 and Bypassing Antivirus

One of my Labs colleagues recently published an article on the Coalfire Blog about executing an obfuscated PowerShell payload using Invoke-CradleCrafter. This was very useful, as Windows Defender has upped its game lately and is now blocking Metasploits Web Delivery module. I wanted to demonstrat...

2AI score

Exploits0

Kitploit•added 2018/06/24 10:33 p.m.•16 views

MalwLess - Test Blue Team Detections Without Running Any Attack

MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The tool is designed to test Blue Team detections and SIEM correlation rules. It provides a framework based on rules that anyone can write, so when a new technique...

7.3AI score

Exploits0References12

Kitploit•added 2018/06/21 10:23 p.m.•86 views

LNK-Kisser - PowerShell Link Payload Generator

Making FUD Shortcut .lnk payloads with LNK-KISSER to remote execute malicious code. Shortcut-Payload-Generator Exploiting Powershell to make ShortCut Payloads fud. There is too much of awsome tricks there , u can make it better ^^. For Ex : Killing tcpview , taskmanager ..etc while downloading. S...

7.6AI score

Exploits0References1

FireEye•added 2018/06/18 11:45 a.m.•550 views

Bring Your Own Land (BYOL) – A Novel Red Teaming Technique

Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” LotL techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks...

1.6AI score

Exploits0

Kitploit•added 2018/06/15 1:55 p.m.•30 views

RiskySPN - Detect And Abuse Risky SPNs

RiskySPNs is a collection of PowerShell scripts focused on detecting and abusing accounts associated with SPNs Service Principal Name. This module can assist blue teams to identify potentially risky SPNs as well as red teams to escalate privileges by leveraging Kerberos and Active Directory. For...

7.2AI score

Exploits0References1

CNVD•added 2018/06/15 12:0 a.m.•2 views

Microsoft Windows Device Guard Security Bypass Vulnerability (CNVD-2018-12041)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is a suite of operating systems for personal computers.Windows Server 2016 is a suite of server operating systems.Device Guard is one of the device Device Guard is...

4.5CVSS5.3AI score0.00531EPSS

Exploits0References1

OSV•added 2018/06/14 12:29 p.m.•2 views

CVE-2018-8216

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is uniq...

5.3CVSS5.9AI score0.00524EPSS

Exploits0References3