π Orange Tsai EventViewer RCE
β195Apr 29, 2022Updated 3 years ago
Alternatives and similar repositories for EventViewer-UACBypass
Users that are interested in EventViewer-UACBypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# loader that copies a chunk at the time of the shellcode in memory, rather that all at onceβ23Jul 14, 2022Updated 3 years ago
- UAC Bypass By Abusing Kerberos Ticketsβ506Aug 10, 2023Updated 2 years ago
- Shellcode reflective DLL injection in Rustβ27Dec 26, 2025Updated 3 months ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypassβ133May 6, 2022Updated 3 years ago
- Rust procedural macro to insert a few asm! calls full of junk instructions in between every line of code.β13May 27, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layerβ545Feb 13, 2024Updated 2 years ago
- Persistence by writing/reading shellcode from Event Logβ380May 27, 2022Updated 3 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β622Jan 2, 2025Updated last year
- Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.β19Nov 6, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β865Feb 3, 2024Updated 2 years ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).β822Dec 14, 2023Updated 2 years ago
- RunasCs - Csharp and open version of windows builtin runas.exeβ1,367Jul 12, 2024Updated last year
- leaking net-ntlm with webdavβ26Feb 23, 2021Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.β314Jul 8, 2022Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive β’ AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- XOR decrypting shellcode using the GPU with OpenCL.β122May 22, 2025Updated 10 months ago
- Beacon Object File Loaderβ293Dec 3, 2023Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.β444Dec 21, 2023Updated 2 years ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operationβ18Dec 18, 2024Updated last year
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assemβ¦β744Jul 22, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inlineβ689Oct 23, 2024Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"β122Jul 2, 2024Updated last year
- Creating a repository with all public Beacon Object Files (BoFs)β622Mar 2, 2026Updated last month
- Weaponizing for privileged file writes bugs with PrintNotify Serviceβ137May 17, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- You shall passβ270Jul 16, 2022Updated 3 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijackingβ286Jun 8, 2023Updated 2 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.β40Jan 14, 2024Updated 2 years ago
- UAC bypass by abusing RPC and debug objects.β629Oct 19, 2023Updated 2 years ago
- Various Cobalt Strike BOFsβ747Oct 16, 2022Updated 3 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Techniqueβ158Nov 7, 2023Updated 2 years ago
- β245May 5, 2024Updated last year
- Collection of remote authentication triggers in C#β526May 15, 2024Updated last year
- Fileless atexec, no more need for port 445β406Mar 28, 2024Updated 2 years ago
- End-to-end encrypted cloud storage - Proton Drive β’ AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Recovering NTLM hashes from Credential Guardβ378Dec 26, 2022Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader featureβ101Feb 28, 2023Updated 3 years ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).β588Mar 19, 2024Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.β795Apr 2, 2026Updated last week
- Dominate Active Directory with PowerShell.β1,174Nov 28, 2025Updated 4 months ago
- β153Jan 6, 2023Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.htβ¦β673Dec 23, 2022Updated 3 years ago