This module allows you to run a process (defaulting to PowerShell) as a different user by providing a known username and password. By default, the standard output (stdout), standard error (stderr), and standard input (stdin) are attached to the current console of the caller.
☆99Feb 18, 2025Updated last year
Alternatives and similar repositories for PowerRunAs
Users that are interested in PowerRunAs are comparing it to the libraries listed below
Sorting:
- RunAsAttached is a program to locally run a new terminal as another user without spawning a new console window.☆47Jan 27, 2022Updated 4 years ago
- Map remote .NET assemblies to memory for further invocation.☆39Oct 22, 2021Updated 4 years ago
- PowerBruteLogon (Ported version of WinBruteLogon in pure PowerShell)☆123Nov 9, 2023Updated 2 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …☆268Oct 15, 2024Updated last year
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- ☆39Jul 29, 2021Updated 4 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Aug 4, 2021Updated 4 years ago
- C# program to take a full size screenshot or a recording of the user's desktop. Takes in 0-3 flags☆84Oct 2, 2020Updated 5 years ago
- ☆39May 20, 2023Updated 2 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- Some stuff for PHD2021☆14May 21, 2025Updated 9 months ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- Random☆35Nov 30, 2022Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- PowerShell Obfuscation and Data Science☆180May 4, 2022Updated 3 years ago
- ☆540Nov 20, 2021Updated 4 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆346Sep 1, 2021Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- Stop Windows Defender using the Win32 API☆192Feb 2, 2022Updated 4 years ago
- C# version of Powermad☆170Dec 5, 2023Updated 2 years ago
- ErebusGate for Nim Bypass AV/EDR☆162Nov 7, 2022Updated 3 years ago
- Executes position independent shellcode from an encrypted zip☆304Dec 22, 2020Updated 5 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.☆169Jan 25, 2024Updated 2 years ago
- Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic☆202Aug 1, 2025Updated 7 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆337Jan 16, 2022Updated 4 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Source for tasks I have used with Covenant☆121Mar 21, 2021Updated 4 years ago
- How to spoof the command line when spawning a new process from C#.☆110Dec 28, 2021Updated 4 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆228Jul 30, 2021Updated 4 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆745Aug 18, 2023Updated 2 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆820Oct 27, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- A shellcode function to encrypt a running process image when sleeping.☆340Sep 11, 2021Updated 4 years ago