lab52io/LeakedHandlesFinder lab52io/LeakedHandlesFinder

  • Stars
    star
    267
  • Rank 153,621 (Top 4 %)
  • Language
    C++
  • Created over 2 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
lab52io/LeakedHandlesFinder
github

lab52io

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Leaked Windows processes handles identification tool

LHF - Leaked Handles Finder

Leaked Windows processes handles identification tool. Useful for identify new LPE vulnerabilities during a pentest or simply as a new research process. Currently supports exploiting (autopwn) procesess leaked handles spawning a new arbitrary process (cmd.exe default).

LHF identifies in realtime inherited handles and gives the researcher explotability tips

Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/.

Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf

More Repositories

1

StopDefender

Stop Windows Defender programmatically
C++
943
star
2

StealAllTokens

This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate and use whatever token present at any process
C++
55
star
3

Syspce

System Processes Correlation Engine
Python
19
star
4

SandboxIt

C++
6
star