Disclaimer: This repository contains code that is provided strictly for educational and research purposes only. DO NOT use this code on systems you do not own or have explicit permission to test. Any misuse of this code may violate local, national, or international laws.
Exploit for CVE-2023-52271 in C++. The code exploits the vulnerable driver wsftprm.sys kernel driver 2.0.0.0, which allows kernel-level access to terminate running PPL processes. Mostly utilized for killing AV/EDR processes.
