Alternatives and similar repositories for TrustedInstallerPOC

Users that are interested in TrustedInstallerPOC are comparing it to the libraries listed below

• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆90Updated last year
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆44Updated last year
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆226Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆73Updated last year
• OtterHacker / Hooker
  ☆108Updated 10 months ago
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆59Updated 2 months ago
• KingKDot / PowerCrypt
  The best powershell obfuscator ever made
  ☆112Updated last month
• sensepost / mydumbedr
  ☆121Updated last year
• hdks-bug / hermit
  A command and control framework.
  ☆54Updated 8 months ago
• nmantani / PS-MOTW
  PS-MOTW: PowerShell scripts to set / show / remove MOTW (Mark of the Web)
  ☆44Updated last year
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 5 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆52Updated last year
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆63Updated 7 months ago
• knight0x07 / DarkGate-Install-Script-via-DNS-TXT-Record
  PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
  ☆42Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆42Updated 11 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆50Updated 4 months ago
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆124Updated 3 weeks ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 2 years ago
• d1rkmtrr / VSCode-Backdoor
  Backdooring VSCode Projects
  ☆79Updated 3 months ago
• cybersectroll / TrollUAC
  ☆145Updated last year
• RWXstoned / GimmeShelter
  Situational Awareness script to identify how and where to run implants
  ☆65Updated 9 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆81Updated 4 months ago
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆134Updated last year
• NVISOsecurity / codasm
  Payload encoding utility to effectively lower payload entropy.
  ☆119Updated 5 months ago
• Maldev-Academy / CodeSearchDemo
  ☆40Updated last year
• ghostpepper108 / Evasion
  ☆108Updated 2 years ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆91Updated last year
• tehstoni / RustyKeys
  UAC Bypass using CMSTP in Rust
  ☆32Updated 9 months ago
• jdu2600 / Get-InjectedThreadEx
  Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
  ☆46Updated last year