MpCmdRun / uac-bypassLinks
ATL.dll and WmiMgmt.msc UAC Bypass
☆13Updated 6 months ago
Alternatives and similar repositories for uac-bypass
Users that are interested in uac-bypass are comparing it to the libraries listed below
Sorting:
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆24Updated 5 months ago
- Unhook Ntdll.dll, Go & C++.☆30Updated 6 months ago
- converts sRDI compatible dlls to shellcode☆32Updated 9 months ago
- One-header configurable C++20 COFF loader☆21Updated 3 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆14Updated 4 months ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆28Updated 4 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆60Updated 5 months ago
- Thats it! An Open-Source Windows UEFI Rootkit☆26Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 8 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆79Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 6 months ago
- Proxy function calls through the thread pool with ease☆30Updated 8 months ago
- Rewrite to fit my needs☆31Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆76Updated 2 months ago
- Misery Loader to bypass modern EDR solutions☆16Updated 10 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆42Updated last year
- ☆50Updated 3 months ago
- Less sugar (entropy) for your binaries☆33Updated last month
- Shellcode Loader Utilizing ETW Events☆67Updated 8 months ago
- ☆43Updated 10 months ago
- ☆45Updated 4 months ago
- Shellcode Loader using indirect syscalls☆16Updated last year
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆47Updated 3 months ago
- Threadless shellcode injection tool☆67Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆50Updated last year
- ☆31Updated 9 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆20Updated 8 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆43Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆73Updated 3 months ago