CVE-2024-35250的BeaconObjectFile(BOF)实现，用于CobaltStrike。使用VisualStudio编译。致谢所有漏洞代码的功劳归原作者varwara。

一个BypassUAC的BOF用来bypassWindowsDefenderonWin10/11。介绍这个BOF旨在提供一个更具OPSEC安全性的bypassUAC功能版本，以对抗WindowsDefender。测试版本：WindowsDefender1.419.338.0(更新于04/10/2024)自编译克隆仓...

修改的SweetPotato，使之可以用于CobaltStrikev4.0

PetitPotatoLocalprivilegeescalationviaPetitPotam(Abusingimpersonateprivileges).DescriptionPetitPotamusesMS-EFSR(EncryptingFileSystemRemote),aprotocolusedtoperformmaintenanceandmanagementoperationsonen…

Firstofall-creditto@splinter_code&@decoder_itforRoguePotatoasthiscodeheavilybasesonit.ThisisjustanotherPotatotogetSYSTEMviaSeImpersonateprivileges.ButthisoneisdifferentintermsofItdoesn'tcontainanySYST…

LocalPotatoAnotherLocalWindowsprivilegeescalationusinganewpotatotechnique;)TheLocalPotatoattackisatypeofNTLMreflectionattackthattargetslocalauthentication.Thisattackallowsforarbitraryfileread/writeand…

CoercedpotatoFromPatate(LOCAL/NETWORKSERVICE)toSYSTEMbyabusingSeImpersonatePrivilegeonWindows10,Windows11andServer2022.Formoreinformation:https://blog.hackvens.fr/articles/CoercedPotato.html(Theenglis…

description替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式DrawingontheuseoftheEFSRprotocolinPotitpotam,aseriesoflocalrightsescalationmethodshavebeenrealizedUsePetitpota…

PrintSpoofer的反射dll实现，结合CobaltStrike使用

Thanksto@Wh04m1001forcontinuouscommunicationovertimeJustanotherpotatolikeotherpotatoes,usingRasManserviceforprivilegeescalationForWindows10(11nottest),WindowsServer2012-2019(2022nottest)UsagemagicRasM…