Lucene search

68 matches found

GithubExploit
added 2025/12/06 7:56 p.m., 215 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

PrintSpoofer Details...

CVSS 8.5, AI score 7.2, EPSS 0.89678
Exploits 7

RedhatCVE
added 2025/05/22 4:48 p.m., 12 views

CVE-2020-7475

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection', reflective DLL, vulnerability exists in EcoStruxure Control Expert all versions prior to 14.1 Hot Fix, Unity Pro all versions, Modicon M340 all versions prior to V3.20, Modicon M580 all...

CVSS 9.8, AI score 6.9, EPSS 0.00571
Exploits 0, References 1

Kitploit
added 2023/11/20 11:30 a.m., 27 views

MemTracer - Memory Scaner

MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack traces hidden in memory. The MemTracer is implemented in Python language, aiming to detect reflectively loaded native .NET framework Dynamic-Link...

AI score 6.9
Exploits 0, References 1

Rapid7 Blog
added 2023/05/05 6:48 p.m., 120 views

Metasploit Weekly Wrap-Up

Throw another log file on the fire: Our own Stephen Fewer authored a module targeting CVE-2023-26360 affecting ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier. The vulnerability allows multiple paths to code execution, but our module works by leveraging a...

CVSS 10, AI score 8.3, EPSS 0.9433
Exploits 23

0day.today
added 2023/02/03 12:0 a.m., 390 views

Lenovo Diagnostics Driver Memory Access Exploit

This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory reads and writes. This module requires Metasploit: https://metasploit.com/download...

CVSS 7.8, AI score 7.8, EPSS 0.84504
Exploits 4

Pen Test Partners Blog
added 2021/11/03 6:53 a.m., 25 views

DCOM abuse and lateral movement with Cobalt Strike

Introduction: When researching lateral movement techniques I came across a post from Raphael Mudge of Cobalt Strike fame. He details scripting an Aggressor Script for Matt Nelson’s MMC20.Application Lateral Movement technique. Reading that post spurred me to make my own DCOM based lateral movement...

AI score 7.5
Exploits 0

Kitploit
added 2021/07/14 12:30 p.m., 47 views

Injector - Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

Complete Arsenal of Memory injection and other techniques for red-teaming in Windows. What does Injector do? Process injection support for shellcode located at remote server as well as local storage. Just specify the shellcode file and it will do the rest. It will by default inject into notepad.ex...

AI score 8.5
Exploits 0, References 1

Kitploit
added 2021/06/19 9:30 p.m., 176 views

FalconEye - Real-time detection software for Windows process injections

FalconEye is a windows endpoint detection software for real-time process injections. It is a kernel-mode driver that aims to catch process injections as they are happening real-time. Since FalconEye runs in kernel mode, it provides a stronger and reliable defense against process injection...

AI score 7.5
Exploits 0, References 11

Packet Storm
added 2021/05/17 12:0 a.m., 213 views

Microsoft Windows TokenMagic Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Privilege Escalation via TokenMagic UAC Bypass', 'Description' = %q This module leverages a UAC bypass TokenMagic in order to spawn a...

AI score 0.5
Exploits 0

GithubExploit
added 2021/05/13 1:23 p.m., 348 views

Exploit for Exposed IOCTL with Insufficient Access Control in Dell Dbutil

CVE-2021-21551 Exploit to SYSTEM for CVE-2021-21551 SpoolPrin...

CVSS 8.8, AI score 8.6, EPSS 0.74523
Exploits 17

Kitploit
added 2021/02/06 8:30 p.m., 168 views

ExecuteAssembly - Load/Inject .NET Assemblies

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host spawnto process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI,...

AI score 7
Exploits 0, References 8

0day.today
added 2021/01/07 12:0 a.m., 40 views

NTLM BITS SYSTEM Token Impersonation Exploit

This Metasploit module exploits BITS behavior which tries to connect to the local Windows Remote Management server WinRM every time it starts. The module launches a fake WinRM server which listens on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server,...

AI score 7.3
Exploits 0

Metasploit
added 2021/01/06 5:41 p.m., 222 views

SYSTEM token impersonation through NTLM bits authentication on missing WinRM Service.

This module exploits BITS behavior which tries to connect to the local Windows Remote Management server WinRM every time it starts. The module launches a fake WinRM server which listens on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server, which allo...

AI score 7.3
Exploits 0

Packet Storm
added 2021/01/06 12:0 a.m., 279 views

NTLM BITS SYSTEM Token Impersonation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/reflectivedllinjection' class MetasploitModule 'SYSTEM token impersonation through NTLM bits authentication on missing WinRM Service.',...

AI score 7.4
Exploits 0

0day.today
added 2020/12/15 12:0 a.m., 111 views

Microsoft Windows DrawIconEx Local Privilege Escalation Exploit

This Metasploit module exploits CVE-2020-1054, an out of bounds write reachable from DrawIconEx within win32k. The out of bounds write can be used to overwrite the pvbits of a SURFOBJ. By utilizing this vulnerability to execute controlled writes to kernel memory, an attacker can gain arbitrary co...

CVSS 7.8, AI score 9, EPSS 0.81207
Exploits 5

Malwarebytes
added 2020/07/21 3:0 p.m., 5314 views

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

This blog post was authored by Hossein Jazi and Jérôme Segura. On July 2, we found an archive file with an embedded document pretending to be from the government of India. This file used template injection to drop a malicious template which loaded a variant of Cobalt Strike. One day later, the sam...

CVSS 9.3, AI score 8.8, EPSS 0.94314
Exploits 21

NVD
added 2020/03/23 7:15 p.m., 12 views

CVE-2020-7475

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection', reflective DLL, vulnerability exists in EcoStruxure Control Expert all versions prior to 14.1 Hot Fix, Unity Pro all versions, Modicon M340 all versions prior to V3.20, Modicon M580 all...

CVSS 9.8, AI score 9.4, EPSS 0.00571
Exploits 0, References 1

Prion
added 2020/03/23 7:15 p.m., 14 views

Design/Logic Flaw

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection', reflective DLL, vulnerability exists in EcoStruxure Control Expert all versions prior to 14.1 Hot Fix, Unity Pro all versions, Modicon M340 all versions prior to V3.20, Modicon M580 all...

CVSS 7.5, AI score 9.2, EPSS 0.00571
Exploits 0, References 1, Affected Software 3

Kitploit
added 2020/01/25 8:30 p.m., 87 views

Memhunter - Live Hunting Of Code Injection Techniques

Memhunter is an endpoint sensor tool that is specialized in detecting resident malware, improving the threat hunter analysis process and remediation times. The tool detects and reports memory-resident malware living on endpoint processes. Memhunter detects known malicious memory injection...

AI score 7.7
Exploits 0, References 1

0day.today
added 2019/10/04 12:0 a.m., 422 views

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

CVSS 9.3, AI score 8.2, EPSS 0.94318
Exploits 90