kernel-mii

Kernel exploit

Exploits a kernel vulnerability to gain SYSTEM privileges on Windows.

Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.

GitHub

29 stars
1 watching
6 forks
Language: C
last commit: over 1 year ago

Related projects:

Repository Description Stars
boku7/halosgate-ps A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. 95
octoberfest7/cve-2023-36874_bof An exploit tool for a Windows vulnerability allowing an attacker to run arbitrary code as SYSTEM on Windows 10 and Windows 11 202
riccardoancarani/bofs Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes 112
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 70
airbus-cert/invoke-bof Loads and executes a malicious payload in a Windows system using PowerShell. 245
cobalt-strike/bof-vs A Beacon Object File Visual Studio template project for creating malicious code executables 145
mlcsec/asrenum-bof Tools to detect and exploit vulnerabilities in Windows Attack Surface Reduction (ASR) settings 142
nvisosecurity/cobaltwhispers An aggressor script that allows Cobalt Strike to perform process injection and persistence by leveraging direct syscalls to bypass EDR/AV systems. 229
xairy/kernel-exploits A collection of proof-of-concept exploits for vulnerabilities in the Linux kernel 1,454
b1tg/cobaltstrike-beacon-rust A Cobalt Strike beacon implementation in Rust for creating malicious network connections 180
huoji120/cobaltstrikedetected Detects potential Cobalt Strike malware by analyzing memory allocation patterns during code execution 272
ccob/bof.net A .NET runtime framework for developing and executing malicious C code in a managed environment. 682
pwn1sher/cs-bofs A collection of compiled beacon object files from the CobaltStrike platform. 101
boku7/spawn A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. 440
rsmudge/cve-2020-0796-bof Exploits a vulnerability in SMBv3 compression to achieve privilege escalation and process manipulation. 68