wined

Windows Exploitation wined Tools The following scripts were...

Paperclip: OS Command Injection via Execution Workspace cleanupCommand

| Field | Value | |-------|-------| | Affected Software | Paperclip AI v2026.403.0 | | Affected Component | Execution Workspace lifecycle workspace-runtime.ts | | Affected Endpoint | PATCH /api/execution-workspaces/:id | | Deployment Modes | All — localtrusted zero auth, authenticated any company...

penetration-testing-reports

penetration-testing-reports A collection of penetration testin...

CVE-2018-25212

The CVE-2018-25212 entry concerns Boxoft wav-wma Converter 1.0, which reportedly contains a local buffer overflow vulnerability in structured exception handling. An attacker can craft WAV files with excess data and ROP gadgets to overwrite the SEH chain, enabling arbitrary code execution on Windo...

PT-2026-28792

Name of the Vulnerable Software and Affected Versions OWASP Core Rule Set CRS versions prior to 3.3.9 and prior to 4.25.0 Description The OWASP Core Rule Set CRS contains a flaw where whitespace padding in filenames can bypass file upload extension checks. This allows the upload of dangerous file...

EUVD-2016-2225

Malware in sbrugna...

EUVD-2017-6185

Malware in sbrugna...

EUVD-2013-0942

Malware in sbrugna...

EUVD-2015-7282

Malware in sbrugna...

Windows

It is an offensive tool for Windows exploitation. The repository contains a collection of tools for exploiting Windows, including exploits, post-exploitation agents, and PowerShell tools. The tools are organized into categories, such as Exploitation, PowerShell, and Misc. Some of the tools includ...

Windows

Windows Awesome tools to play with Windows ! List of tools used for exploiting Windows: - Exploitation : Windows Software Exploitation - hacking-team-windows-kernel-lpe : Previously-0day exploit from the Hacking Team leak, written by Eugene Ching/Qavar. - mimikatz : A little tool to play with...

CVE-2009-3096

Multiple unspecified vulnerabilities in HP Performance Insight 5.3 allow remote attackers to have an unknown impact, related to 1 a "Remote exploit" on Windows platforms, and 2 a "Remote preauthentication exploit" on the Windows Server 2003 SP2 platform, as demonstrated by certain modules in...

Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)

Posted by James Forshaw, Google Project Zero Back in 2021 I wrote a blog post about various ways you can build a virtual memory access trap primitive on Windows. The goal was to cause a reader or writer of a virtual memory address to halt for a significant e.g. 1 or more seconds amount of time,...

CVE-2023-5622

Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file...

New Evidence Links Raspberry Robin Malware to Dridex and Russian Evil Corp Hackers

Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' connections to the Russia-based Evil Corp group. The findings suggest that "Evil Corp is likely using...

awesome-windows-exploitation

This is a curated list of Windows exploitation resources and tools. The repository is a collection of articles, tutorials, and tools for Windows exploitation, including stack overflows, heap overflows, and kernel-based Windows overflows. The list includes resources such as articles from Phrack, a...

Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege

Posted by James Forshaw, Project Zero And we’re back again for another blog in my series on Windows Exploitation tricks. This time I’ll detail how I was able to exploit Issue 1550 which results in an arbitrary object directory being created by using a useful behavior of the CSRSS privileged...

CVE-2011-4496

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/aviosoftplfbuf.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

shadowbroker

This repository is an offensive tool for various exploits. It contains a collection of exploits and utilities for various vulnerabilities, including those in Windows, Linux, and other systems. The exploits are categorized into different types, such as SMB, RPC, and IIS exploits. The primary targe...

Awesome Windows Exploitation Resources

A curated list of awesome Windows Exploitation resources. Windows stack overflows Stack Base Overflow Articles. Win32 Buffer Overflows Location, Exploitation and Prevention – by Dark spyrit 1999 Writing Stack Based Overflows on Windows – by Nish Bhalla’s 2005 Windows heap overflows Heap Base...