Pinned Repositories
Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
backdoors
Tools for maintaining access to systems and proof-of-concept demonstrations.
exploits
exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House
iscsicpl_bypassUAC
UAC bypass for x64 Windows 7 - 11
Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
OffensiveLua
Offensive Lua.
shellcode
shellcode are codes designed to be injected into the memory space of another process during exploitation.
SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
tools
A collection of tools created for computer security research purposes.
hackerhouse-opensource's Repositories
hackerhouse-opensource/iscsicpl_bypassUAC
UAC bypass for x64 Windows 7 - 11
hackerhouse-opensource/exploits
exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House
hackerhouse-opensource/Marble
The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
hackerhouse-opensource/Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
hackerhouse-opensource/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
hackerhouse-opensource/OffensiveLua
Offensive Lua.
hackerhouse-opensource/Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
hackerhouse-opensource/ColorDataProxyUACBypass
Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC bypass. Win 7 & up.
hackerhouse-opensource/WMIProcessWatcher
A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
hackerhouse-opensource/tools
A collection of tools created for computer security research purposes.
hackerhouse-opensource/backdoors
Tools for maintaining access to systems and proof-of-concept demonstrations.
hackerhouse-opensource/cve-2018-10933
cve-2018-10933 libssh authentication bypass
hackerhouse-opensource/CompMgmtLauncher_DLL_UACBypass
CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
hackerhouse-opensource/MsSettingsDelegateExecute
Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.
hackerhouse-opensource/pyongyang_2407
Pyongyang 2407 - Android ROM from North Korea, modified to run on WBW5511_MAINBOARD_P2 devices. Releases contains an archived ROM with all needed tools to boot DPRK Android on compatible hardware. This repository contains installation instructions, hardware documentation and exploits for disabling censorship tools of North Korea Android.
hackerhouse-opensource/envschtasksuacbypass
Bypass UAC elevation on Windows 8 (build 9600) & above.
hackerhouse-opensource/documents
Papers, presentations and documents from the team at Hacker House.
hackerhouse-opensource/shellcode
shellcode are codes designed to be injected into the memory space of another process during exploitation.
hackerhouse-opensource/electionhacking
Diebold Accuvote-TSx Election Machine Hacking
hackerhouse-opensource/NoFaxGiven
Code Execution & Persistence in NETWORK SERVICE FAX Service
hackerhouse-opensource/Gigabyte_ElevatePersist
Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming and performance PC's. A UAC elevation vulnerability exists that can be used for persistence in a novel fashion.
hackerhouse-opensource/AESCrypt
AES-256 Microsoft Cryptography API Example Use.
hackerhouse-opensource/rebirth
rebirth IOS11 - 11.3.1 jailbreak security research utility
hackerhouse-opensource/cve-2021-34527
CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation
hackerhouse-opensource/hackerhouse-opensource
Github profile
hackerhouse-opensource/hfioquake3_DoS
ioquake3 engine is vulnerable to a remotely exploitable off-by-one overflow due to a miscalculated array index within the privileged admin console command banaddr. Attacker needs the rcon password to exploit this vulnerability.