Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
☆18 | Jul 12, 2021 | Updated 4 years ago
Alternatives and similar repositories for byeintegrity4-uac
Users that are interested in byeintegrity4-uac are comparing it to the libraries listed below
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler | ☆30 | Jul 12, 2021 | Updated 4 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer | ☆57 | Jul 12, 2021 | Updated 4 years ago
- Multipurpose malware framework | ☆28 | Dec 6, 2021 | Updated 4 years ago
- Original hVNC has been recoded to work with all versions of Windows above XP. Thanks to the original author for this wonderful tool. | ☆10 | Oct 13, 2021 | Updated 4 years ago
- HVNC using virtual desktop | ☆10 | Dec 30, 2020 | Updated 5 years ago
- Miscellaneous IDA scripts and projects | ☆15 | Apr 14, 2021 | Updated 4 years ago
- A dll injector static library for Win x64 processes with handle elevation supported | ☆12 | Mar 28, 2021 | Updated 4 years ago
- Another Remote Access Control software, written in Golang. It heavily relies on cryptography to avoid threat of botnet use/abuse by other… | ☆11 | Jan 12, 2017 | Updated 9 years ago
- SamrSearch can get user info and group info with MS-SAMR. | ☆15 | Feb 15, 2022 | Updated 4 years ago
- fyyre.l2-fashion.de .. old site | ☆17 | Apr 27, 2022 | Updated 3 years ago
- Personal curation of Clang/LLVM patches. | ☆12 | Feb 27, 2021 | Updated 5 years ago
- x64 Windows privilege elevation using anycall | ☆22 | May 28, 2021 | Updated 4 years ago
- allowing um r/w through km from um ioctl ™ | ☆11 | Jan 2, 2022 | Updated 4 years ago
- edge --> powerpoint --> remote-file --> shell | ☆11 | May 17, 2019 | Updated 6 years ago
- X86/X64 Hardware Breakpoint Manager | ☆42 | Jun 18, 2021 | Updated 4 years ago
- Bypass UAC by abusing shell protocol handlers | ☆14 | Jul 12, 2021 | Updated 4 years ago
- Cobalt Strike RCE CVE-2022-39197 | ☆17 | Sep 25, 2022 | Updated 3 years ago
- A repo to hold any bypasses I work on/study/whatever | ☆19 | Dec 30, 2020 | Updated 5 years ago
- A common set of helpers used across VTIL toolchain. Moved into --> | ☆21 | May 2, 2020 | Updated 5 years ago
- Powershell script to emulate the "blast radius" of a ransomware infection. | ☆28 | Jul 27, 2021 | Updated 4 years ago
- Bypasses for Windows kernel callbacks PatchGuard protection | ☆44 | Aug 15, 2021 | Updated 4 years ago
- x64 Windows implementation of virtual-address to physical-address translation | ☆48 | Jun 3, 2021 | Updated 4 years ago
- Windows (ShadowMove) Socket Duplication | ☆87 | Apr 19, 2020 | Updated 5 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework | ☆43 | Mar 25, 2025 | Updated 11 months ago
- An example of PE hollowing injection technique | ☆25 | Jun 28, 2019 | Updated 6 years ago
- Windows kernel-mode callbacks tutorial driver | ☆48 | Aug 8, 2016 | Updated 9 years ago
- This script makes any Windows compatible with RDP connection | ☆21 | Jul 28, 2025 | Updated 7 months ago
- Try various exploits to get root | ☆19 | Nov 14, 2013 | Updated 12 years ago
- Bare template for a Kernel Mode Driver | ☆51 | Mar 10, 2020 | Updated 5 years ago
- Function hooks in Windows NT Kernel | ☆27 | Oct 13, 2020 | Updated 5 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address | ☆23 | Nov 22, 2021 | Updated 4 years ago
- Symantec EDR Internals | ☆30 | Oct 12, 2021 | Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… | ☆25 | Mar 26, 2020 | Updated 5 years ago
- Bypass UAC by hijacking a DLL located in the Native Image Cache | ☆212 | Nov 21, 2021 | Updated 4 years ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security | ☆341 | Jul 30, 2017 | Updated 8 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware | ☆25 | Aug 31, 2021 | Updated 4 years ago