0.0.0.0/0

Hacker House

Elite
@hackerhouse-opensource

Hacker House public computer security research.

iscsicpl_bypassUAC. UAC bypass for x64 Windows 7 - 11

843

exploits. exploits and proof-of-concept vulnerability demonstration files from the team at Hacker House

467

SignToolEx. Patching "signtool.exe" to accept expired certificates for code-signing.

344

Marble. The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.

319

Stinger. CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.

301

SetupHijack. SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.

263

OffensiveLua. Offensive Lua.

224

Artillery. CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.

183

backdoors. Tools for maintaining access to systems and proof-of-concept demonstrations.

182

tools. A collection of tools created for computer security research purposes.

143

ColorDataProxyUACBypass. Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC bypass. Win 7 & up.

141

WMIProcessWatcher. A CIA tradecraft technique to asynchronously detect when a process is created using WMI.

138

cve-2018-10933. cve-2018-10933 libssh authentication bypass

110

CompMgmtLauncher_DLL_UACBypass. CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive

109

pyongyang_2407. Pyongyang 2407 - Android ROM from North Korea, modified to run on WBW5511_MAINBOARD_P2 devices. Releases contains an archived ROM with all needed tools to boot DPRK Android on compatible hardware. This repository contains installation instructions, hardware documentation and exploits for disabling censorship tools of North Korea Android.

99

MsSettingsDelegateExecute. Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.

83

telnetclientpoc. Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit

63

MoneroMiner. A high-performance Monero (XMR) mining implementation in C++ using the RandomX algorithm. This miner is optimized for modern CPUs and provides efficient mining capabilities with a simple command-line interface.

62

envschtasksuacbypass. Bypass UAC elevation on Windows 8 (build 9600) & above.

57

documents. Papers, presentations and documents from the team at Hacker House.

53

shellcode. shellcode are codes designed to be injected into the memory space of another process during exploitation.

50

electionhacking. Diebold Accuvote-TSx Election Machine Hacking

40

NoFaxGiven. Code Execution & Persistence in NETWORK SERVICE FAX Service

37

AESCrypt. AES-256 Microsoft Cryptography API Example Use.

35

Gigabyte_ElevatePersist. Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming and performance PC's. A UAC elevation vulnerability exists that can be used for persistence in a novel fashion.

35

rebirth. rebirth IOS11 - 11.3.1 jailbreak security research utility

26

cve-2021-34527. CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation

23

hackerhouse-opensource. Github profile

22

bitchat-esp32. An implementation of Bitchat a decentralized, peer-to-peer messaging app that works without internet or cell service using Bluetooth Low Energy (BLE) to create temporary mesh networks, allowing users to message directly or hop messages between nearby devices on ESP32-C6 devices.

16

hfioquake3_DoS. ioquake3 engine is vulnerable to a remotely exploitable off-by-one overflow due to a miscalculated array index within the privileged admin console command banaddr. Attacker needs the rcon password to exploit this vulnerability.

7
30
Apply