Leo4j / Invoke-RunAsSystemLinks
A simple script to elevate current session to SYSTEM (needs to be run as Administrator)
☆14Updated 7 months ago
Alternatives and similar repositories for Invoke-RunAsSystem
Users that are interested in Invoke-RunAsSystem are comparing it to the libraries listed below
Sorting:
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆21Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆21Updated 2 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆20Updated 2 months ago
- Proxy function calls through the thread pool with ease☆28Updated 3 months ago
- Enumerate the Domain for Readable and Writable Shares☆20Updated 4 months ago
- Token Elevation to authorized user as SYSTEM or Domain Admins☆23Updated 2 years ago
- A simple website to act as a store for havoc modules and extensions☆27Updated 5 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated 2 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- A port of classic netcat to C#☆33Updated 2 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Updated 2 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- Tool to aid in dumping LSASS process remotely☆40Updated 11 months ago
- A pure C version of SymProcAddress☆27Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆32Updated last year
- A python port of CCob's ThreadlessInject☆25Updated 2 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆59Updated last year
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆34Updated 4 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Updated 2 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆29Updated 5 years ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- Repository to gather the .NET malware I will be developing☆18Updated 3 months ago
- ☆59Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Updated last month
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year