Pinned Repositories
CDPSvcDllHijacking
Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM
FullPowers
Recover the default privilege set of a LOCAL/NETWORK SERVICE account
Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
PPLcontrol
Controlling Windows PP(L)s
PPLdump
Dump the memory of a PPL with a userland exploit
PPLmedic
Dump the memory of any PPL with a Userland exploit chain
PrintSpoofer
Abusing impersonation privileges through the "Printer Bug"
PrivescCheck
Privilege Escalation Enumeration Script for Windows
UsoDllLoader
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
itm4n's Repositories
itm4n/PrivescCheck
Privilege Escalation Enumeration Script for Windows
itm4n/PrintSpoofer
Abusing impersonation privileges through the "Printer Bug"
itm4n/PPLdump
Dump the memory of a PPL with a userland exploit
itm4n/VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
itm4n/FullPowers
Recover the default privilege set of a LOCAL/NETWORK SERVICE account
itm4n/Perfusion
Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
itm4n/UsoDllLoader
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
itm4n/PPLmedic
Dump the memory of any PPL with a Userland exploit chain
itm4n/PPLcontrol
Controlling Windows PP(L)s
itm4n/CDPSvcDllHijacking
Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM
itm4n/Pentest-Windows
Windows internals and exploitation tricks
itm4n/Pentest-Tools
Some random tools I use for penetration testing
itm4n/CVEs
Random CVEs
itm4n/itm4n
itm4n/itm4n.github.io
Personal blog