MpCmdRun / uac-bypassLinks
ATL.dll and WmiMgmt.msc UAC Bypass
☆13Updated 5 months ago
Alternatives and similar repositories for uac-bypass
Users that are interested in uac-bypass are comparing it to the libraries listed below
Sorting:
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆24Updated 4 months ago
- ☆44Updated 4 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆59Updated 4 months ago
- ☆53Updated last week
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆43Updated 4 months ago
- Unhook Ntdll.dll, Go & C++.☆29Updated 5 months ago
- Less sugar (entropy) for your binaries☆34Updated 3 weeks ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆77Updated last month
- converts sRDI compatible dlls to shellcode☆31Updated 8 months ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆27Updated 3 months ago
- ☆50Updated 2 months ago
- Threadless shellcode injection tool☆67Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Updated last year
- Adjusted version of the impacket-dcomexec script to work against Windows 10☆10Updated last year
- Shellcode Loader using indirect syscalls☆16Updated last year
- Bypassing Amsi using LdrLoadDll☆46Updated 8 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆41Updated last year
- BypassCredGuard CS BOF☆47Updated 8 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 8 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆43Updated 5 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆159Updated 2 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆43Updated 3 weeks ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆62Updated last year
- ☆98Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆42Updated last year
- Shellcode Loader Utilizing ETW Events☆65Updated 7 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Updated last month
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆54Updated 3 months ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆49Updated last year