NTAPI Undocumented Functions
March 19, 2021 at 9:48:32 AM UTC - permalink -

- http://undocumented.ntinternals.net/index.html?page=UserMode%2FUndocumented%20Functions%2FNT%20Objects%2FSection%2FNtMapViewOfSection.html

Process Herpaderping | herpaderping
October 28, 2020 at 4:10:40 PM UTC - permalink -

- https://jxy-s.github.io/herpaderping/

nccgroup/keimpx: Check for valid credentials across a network over SMB
October 26, 2020 at 2:06:37 PM UTC - permalink -

- https://github.com/nccgroup/keimpx

PowerPoint Presentation - eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf
October 20, 2020 at 9:31:03 AM UTC - permalink -

- https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf

Abusing SeLoadDriverPrivilege for privilege escalation - Tarlogic Security - Cyber Security and Ethical hacking
September 2, 2020 at 5:25:50 PM UTC * - permalink -

- https://www.tarlogic.com/en/blog/abusing-seloaddriverprivilege-for-privilege-escalation/

File transfers windows/linux
August 26, 2020 at 3:07:53 PM UTC - permalink -

- https://mp.weixin.qq.com/s/pz6y8299gMUOgtZjZv5puw

matterpreter/DefenderCheck: Identifies the bytes that Microsoft Defender flags on.
July 24, 2020 at 8:11:18 AM UTC - permalink -

- https://github.com/matterpreter/DefenderCheck

S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
July 14, 2020 at 9:24:05 PM UTC - permalink -

- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet#sid-history-abuse

Create A Windows Service In C#
June 20, 2020 at 2:20:51 PM UTC - permalink -

- https://www.c-sharpcorner.com/article/create-windows-services-in-c-sharp/

Going Deep | Channel 9
June 17, 2020 at 9:09:37 AM UTC - permalink -

- https://channel9.msdn.com/Shows/Going+Deep

Windows Notes / Cheatsheet
June 10, 2020 at 2:53:09 PM UTC - permalink -

- https://m0chan.github.io/2019/07/30/Windows-Notes-and-Cheatsheet.html#-bloodhound-python

Adam Chester on Twitter: "Want to stop ETW from giving up your loaded .NET assemblies to that pesky EDR, but can't be bothered patching memory? Just pass COMPlus_ETWEnabled=0 as an environment variable during your CreateProcess call 😂 https://t.co/wXWeSdt0li" / Twitter
June 5, 2020 at 10:50:03 AM UTC - permalink -

- https://twitter.com/_xpn_/status/1268712093928378368/photo/1

antonioCoco/RunasCs: RunasCs - Csharp and open version of windows builtin runas.exe
June 5, 2020 at 8:33:55 AM UTC - permalink -

- https://github.com/antonioCoco/RunasCs

itm4n/PrivescCheck: Privilege Escalation Enumeration Script for Windows
June 4, 2020 at 10:47:19 PM UTC * - permalink -

- https://github.com/itm4n/PrivescCheck

itm4n/SysTracingPoc: CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability
May 25, 2020 at 8:01:33 PM UTC * - permalink -

- https://github.com/itm4n/SysTracingPoc

CVE-2020-0668 - A Trivial Privilege Escalation Bug in Windows Service Tracing | PS C:\Users\itm4n> _
May 25, 2020 at 8:01:21 PM UTC * - permalink -

- https://itm4n.github.io/cve-2020-0668-windows-service-tracing-eop/

Windows exploitation - FullPwn Security Operations
May 6, 2020 at 5:03:52 PM UTC - permalink -

- https://fullpwnops.com/windows-exploitation-pathway.html

windowsblindread/windows-files.txt at master · soffensive/windowsblindread · GitHub
April 15, 2020 at 2:40:44 PM UTC - permalink -

- https://github.com/soffensive/windowsblindread/blob/master/windows-files.txt

MiniDumpWriteDump via COM+ Services DLL | modexp
December 3, 2019 at 4:50:29 PM UTC - permalink -

- https://modexp.wordpress.com/2019/08/30/minidumpwritedump-via-com-services-dll/

GitHub - S3cur3Th1sSh1t/WinPwn: Automation for internal Windows Penetrationtest / AD-Security
November 20, 2019 at 11:02:50 AM UTC * - permalink -

- https://github.com/S3cur3Th1sSh1t/WinPwn