FourCoreLabs / TrustedInstallerPOC
A simple Go Proof of Concept to start a new shell as TrustedInstaller
☆44 · Updated last year
Related projects:
- Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio… ☆83 · Updated 11 months ago
- A POC to disable TamperProtection and other Defender / MDE components ☆169 · Updated 3 months ago
- This is a way to load shellcode and obfuscate it so it avoids scan-time detection. ☆45 · Updated 2 months ago
- BSides Prishtina 2024 Malware Development and Persistence workshop ☆51 · Updated last month
- NidhoggScript is a tool to generate a "script" file that allows execution of multiple commands for Nidhogg ☆46 · Updated 6 months ago
- A bunch of scripts and code I wrote. ☆128 · Updated last month
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers. ☆83 · Updated 8 months ago
- VirusTotal Stealer is a data exfiltration tool that exfiltrates Office documents and tunnels them over the VirusTotal API to the Team Server ☆62 · Updated 11 months ago
- This project is an implant framework designed for long term persistent access to Windows machines. ☆109 · Updated 11 months ago
- Lifetime AMSI bypass. ☆35 · Updated 2 months ago
- Leak NTLM via Website tab in Teams via MS Office ☆78 · Updated 5 months ago
- Create and enumerate hidden desktops. ☆86 · Updated 9 months ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue ☆92 · Updated 5 months ago
- Windows Active Directory Pentesting documentation. ☆16 · Updated 3 months ago
- Utilities for obfuscating shellcode ☆38 · Updated 2 months ago
- A collection of small scripts and tools for deobfuscation and malware analysis. ☆66 · Updated last year
- Windows Thread Pool Injection Havoc Implementation ☆26 · Updated 5 months ago
- Two in one, patch lifetime PowerShell console, no more ETW and AMSI! ☆79 · Updated 2 months ago
- Nim process hollowing loader ☆47 · Updated last month
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity) ☆43 · Updated 4 months ago
- PS-MOTW: PowerShell scripts to set / show / remove MOTW (Mark of the Web) ☆33 · Updated 10 months ago
- Deleting Shadow Copies In Pure C++ ☆111 · Updated last year
- Do some DLL SideLoading magic ☆72 · Updated last year
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead… ☆66 · Updated last week