☆40Feb 4, 2023Updated 3 years ago
Alternatives and similar repositories for byeintegrity9-uac
Users that are interested in byeintegrity9-uac are comparing it to the libraries listed below
Sorting:
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and res…☆32Apr 28, 2025Updated 10 months ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Nov 21, 2022Updated 3 years ago
- 一个demo☆23Apr 2, 2024Updated last year
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆177Aug 1, 2022Updated 3 years ago
- ☆20Mar 21, 2024Updated last year
- Weaponized HellsGate/SigFlip☆203Jun 7, 2023Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Oct 31, 2023Updated 2 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆137Mar 3, 2025Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆77Oct 24, 2022Updated 3 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆92Dec 2, 2025Updated 3 months ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 3 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 3 months ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 3 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆144Apr 21, 2022Updated 3 years ago
- QLoader is a PE loader creator that helps you quickly create a non-exe loader for application☆113Oct 5, 2024Updated last year
- C# AV/EDR Killer using less-known driver (BYOVD)☆185Nov 10, 2023Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago
- ☆10Oct 9, 2024Updated last year
- Dump the memory of any PPL with a Userland exploit chain☆352Mar 17, 2023Updated 2 years ago
- ☆505Aug 14, 2022Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Nov 19, 2022Updated 3 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆129Apr 24, 2022Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- ☆24Apr 30, 2023Updated 2 years ago
- ☆106May 15, 2023Updated 2 years ago
- ☆27May 1, 2023Updated 2 years ago
- ☆43Jan 2, 2023Updated 3 years ago