π Orange Tsai EventViewer RCE
β195Apr 29, 2022Updated 4 years ago
Alternatives and similar repositories for EventViewer-UACBypass
Users that are interested in EventViewer-UACBypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# loader that copies a chunk at the time of the shellcode in memory, rather that all at onceβ23Jul 14, 2022Updated 3 years ago
- UAC Bypass By Abusing Kerberos Ticketsβ508Aug 10, 2023Updated 2 years ago
- Shellcode reflective DLL injection in Rustβ27Dec 26, 2025Updated 4 months ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypassβ133May 6, 2022Updated 3 years ago
- Rust procedural macro to insert a few asm! calls full of junk instructions in between every line of code.β12May 27, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layerβ549Feb 13, 2024Updated 2 years ago
- Persistence by writing/reading shellcode from Event Logβ380May 27, 2022Updated 3 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β625Jan 2, 2025Updated last year
- Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.β19Nov 6, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β872Feb 3, 2024Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).β822Dec 14, 2023Updated 2 years ago
- RunasCs - Csharp and open version of windows builtin runas.exeβ1,377Jul 12, 2024Updated last year
- leaking net-ntlm with webdavβ26Feb 23, 2021Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.β314Jul 8, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- XOR decrypting shellcode using the GPU with OpenCL.β122May 22, 2025Updated 11 months ago
- Beacon Object File Loaderβ293Dec 3, 2023Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.β445Dec 21, 2023Updated 2 years ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operationβ18Dec 18, 2024Updated last year
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assemβ¦β749Jul 22, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inlineβ695Oct 23, 2024Updated last year
- Weaponizing for privileged file writes bugs with PrintNotify Serviceβ137May 17, 2022Updated 3 years ago
- Creating a repository with all public Beacon Object Files (BoFs)β632Mar 2, 2026Updated last month
- You shall passβ270Jul 16, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijackingβ287Jun 8, 2023Updated 2 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.β40Jan 14, 2024Updated 2 years ago
- UAC bypass by abusing RPC and debug objects.β628Oct 19, 2023Updated 2 years ago
- Various Cobalt Strike BOFsβ755Oct 16, 2022Updated 3 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Techniqueβ158Nov 7, 2023Updated 2 years ago
- β246May 5, 2024Updated last year
- Collection of remote authentication triggers in C#β528May 15, 2024Updated last year
- Windows Privilege Escalationβ108Aug 16, 2024Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader featureβ101Feb 28, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Fileless atexec, no more need for port 445β406Mar 28, 2024Updated 2 years ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).β592Mar 19, 2024Updated 2 years ago
- Recovering NTLM hashes from Credential Guardβ384Dec 26, 2022Updated 3 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.β801Apr 2, 2026Updated 3 weeks ago
- Dominate Active Directory with PowerShell.β1,181Nov 28, 2025Updated 5 months ago
- β153Jan 6, 2023Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.htβ¦β674Dec 23, 2022Updated 3 years ago