Hello World
Whoami
Pentest
Cloud
Antivirus Evasion - Defender
EDR BYPASS
Red Team
CTF

Powered by GitBook

On this page

Follina - Office RCE
CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability
CVE-2024-21413 - Microsoft Outlook RCE
CVE-2023-23397 - Microsoft Outlook NTLM Leakage
CVE-2023-35636 - Microsoft Outlook Information Disclosure Vulnerability (leak password hash)
Outlook - Pwnlook

Was this helpful?

Pentest

Internal Pentest

Microsoft Office & Outlook

PreviousEnumeration from Windows Host NextMicrosoft SharePoint

Last updated 1 month ago

Follina - Office RCE

CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability

CVE-2024-21413 - Microsoft Outlook RCE

CVE-2023-23397 - Microsoft Outlook NTLM Leakage

CVE-2023-35636 - Microsoft Outlook Information Disclosure Vulnerability (leak password hash)

Outlook - Pwnlook

GitHub - amjcyber/pwnlook: An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails configured in it.GitHub

GitHub - xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability: Microsoft-Outlook-Remote-Code-Execution-VulnerabilityGitHub

GitHub - api0cradle/CVE-2023-23397-POC-PowershellGitHub

GitHub - passtheticket/CVE-2024-38200: CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure VulnerabilityGitHub

GitHub - duy-31/CVE-2024-21413: Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POCGitHub

GitHub - Trackflaw/CVE-2023-23397: Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.GitHub

GitHub - chvancooten/follina.py: POC to replicate the full 'Follina' Office RCE vulnerability for testing purposesGitHub

Guidance for investigating attacks using CVE-2023-23397 - Microsoft Security BlogMicrosoft Security Blog

GitHub - duy-31/CVE-2023-35636: Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POCGitHub