SECFORCE/Macro-Keystrokes SECFORCE/Macro-Keystrokes

  • Stars
    star
    7
  • Rank 2,294,772 (Top 46 %)
  • Language
  • Created over 5 years ago
  • Updated over 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
SECFORCE/Macro-Keystrokes
github

SECFORCE

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PoC of execution of commands on a Word macro, without the use of rundll32.exe and importation of kernel32 libraries such as CreateRemoteThread or CreateProcessA. This technique simply relies on sending keystrokes to the host.

More Repositories

1

sparta

Network Infrastructure Penetration Testing Tool
Python
1,614
star
2

Tunna

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
Python
1,237
star
3

SNMP-Brute

Fast SNMP brute force, enumeration, CISCO config downloader and password cracking script.
Python
292
star
4

SharpWhispers

C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.
C#
100
star
5

DLL-Hollow-PoC

DLL Hollowing PoC - Remote and Self shellcode injection
C
69
star
6

SharpASM

SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections allocated by the CLR.
C#
57
star
7

sftp-exploit

OpenSSH <=6.6 SFTP misconfiguration universal exploit
Python
27
star
8

fixer

FIX (Financial Information eXchange) protocol fuzzer
Ruby
23
star
9

CVE-2017-3599

Proof of concept exploit for CVE-2017-3599
Python
23
star
10

proxyfuzz

Python
11
star
11

NimWhispers

Nim
9
star
12

CVE-2018-8941

D-Link DSL-3782 Code Execution (Proof of Concept)
8
star
13

SharpZip

C#
6
star
14

CVE-2021-37748

Python
5
star
15

AWS-Cognito-Finder

AWS Cognito Finder Burp Suite Extension
Python
5
star
16

awsome-cis-checker

Python
4
star
17

CVE-2011-4107

phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion
Ruby
4
star
18

WPTimeCapsulePOC

An authentication bypass was recently discovered (https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/) on WP Time Capsule < 1.21.16. This PoC proves how the issue works and how it can be exploited.
Python
4
star
19

CVE-2008-5416

Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
3
star
20

Beacon2023

Slides from Beacon 2023 Conference
3
star
21

CVE-2008-1613

RedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.
Python
2
star
22

SharpExtractor

SharpExtractor is a dotnet project that allows file extraction from file containers.
C#
1
star
23

CSS_exfiltration

Python
1
star
24

chrome-stale-pointer-POC

1
star
25

CVE-2011-3368

CVE-2011-3368 exploit code
Python
1
star
26

CVE-2018-1000082-exploit

1
star