GitHub

Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.

Proof of concepts for this vulnerability are scattered and have to be performed manually. This repository automates the exploitation process. See the blog post above for guidance on post-exploitation.
GitHub

proc_creation_win_powershell_non_interactive_execution.yml

description: Detects non-interactive PowerShell activity by looking at the "powershell" process with a non-user GUI process such as "explorer.exe" as a parent ...