KINGSABRI / MSI-AlwaysInstallElevatedLinks
A Collection of templates that can be used for abusing window's AlwaysInstallElevated policy
☆39Updated 3 years ago
Alternatives and similar repositories for MSI-AlwaysInstallElevated
Users that are interested in MSI-AlwaysInstallElevated are comparing it to the libraries listed below
Sorting:
- Automating payload generation for OSEP labs and exam.☆34Updated 3 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆73Updated 5 years ago
- ☆142Updated 3 years ago
- Simple C# implementation of PowerUpSQL☆95Updated last year
- Bypass AMSI via PowerShell by splitting a file into multiple chunks☆53Updated 4 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Updated 3 years ago
- ☆55Updated 3 years ago
- Simple APPLocker bypass summary☆47Updated 7 years ago
- POC tools for exploring SMB over QUIC protocol☆130Updated 3 years ago
- Get SYSTEM via SeDebugPrivilege☆24Updated 3 years ago
- ☆32Updated 2 years ago
- python spraying tools based on impacket lib☆55Updated 3 years ago
- C# tool to identify and exploit weaknesses within MSSQL instances in Active Directory environments☆113Updated 3 years ago
- C# havoc implant☆100Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆100Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF☆150Updated 4 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆187Updated 3 years ago
- DCSync Attack from Outside using Impacket☆115Updated 3 years ago
- ☆88Updated 3 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Updated 4 years ago
- This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withou…☆187Updated 6 months ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Updated 3 years ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆89Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆117Updated 2 years ago
- ☆94Updated 3 years ago
- Coerce Windows machines auth via MS-EVEN☆171Updated 2 years ago
- Malicious Shortcut(.lnk) Generator☆86Updated 7 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Updated 3 years ago
- Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…☆111Updated 3 years ago
- D/Invoke implementation in Nim☆103Updated 3 years ago