FULLSHADE / Auto-Elevate
Escalate from a low-integrity Administrator account to NT AUTHORITY\SYSTEM without an LPE exploit by combining a COM UAC bypass and Token Impersonation
☆154Updated 3 years ago
Alternatives and similar repositories for Auto-Elevate:
Users that are interested in Auto-Elevate are comparing it to the libraries listed below
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆366Updated 3 years ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆247Updated last year
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆298Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆378Updated 2 years ago
- Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)☆254Updated 2 years ago
- Beacon Object File PoC implementation of KillDefender☆227Updated 3 years ago
- Persistence by writing/reading shellcode from Event Log☆371Updated 2 years ago
- C# Lsass parser☆291Updated 3 years ago
- Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!☆443Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆234Updated last year
- A BOF to automate common persistence tasks for red teamers☆276Updated 2 years ago
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆177Updated 2 years ago
- Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527)☆185Updated 3 years ago
- This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.☆273Updated 3 years ago
- Terminate AV/EDR Processes using kernel driver☆342Updated last year
- Windows NTLM Authentication Backdoor☆235Updated 3 months ago
- A basic emulation of an "RPC Backdoor"☆241Updated 2 years ago
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆257Updated 2 years ago
- COM Hijacking VOODOO☆292Updated 2 months ago
- Pass the Hash to a named pipe for token Impersonation☆301Updated last year
- PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading☆125Updated 5 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆216Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆229Updated 3 years ago
- Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon☆326Updated 2 years ago
- Stop Windows Defender using the Win32 API☆193Updated 3 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆140Updated 3 years ago
- Shellcode launcher for AV bypass☆215Updated last year
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆320Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆328Updated 9 months ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.☆451Updated last year