UAC Bypass using RequestTrace scheduled task
☆24Mar 13, 2025Updated 11 months ago
Alternatives and similar repositories for RequestTrace_UAC_Bypass
Users that are interested in RequestTrace_UAC_Bypass are comparing it to the libraries listed below
Sorting:
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆35Feb 27, 2025Updated last year
- UAC Bypass using UIAccess program QuickAssist☆217Nov 30, 2025Updated 3 months ago
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆37Apr 24, 2025Updated 10 months ago
- 基于多种策略, 对已有 JAR 包中的全限定类名进行变换, 无限生成高度相似的虚假类名☆18Jul 30, 2025Updated 7 months ago
- ☆17Jun 10, 2025Updated 8 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆25Apr 21, 2025Updated 10 months ago
- Utilities for Pentesting with BloodHound☆22Feb 20, 2026Updated 2 weeks ago
- Indirect NT syscalls LSASS dumper.☆47Jul 9, 2023Updated 2 years ago
- tsh多终端代理通信☆19Feb 26, 2025Updated last year
- Windows Win32 Kernel Subsystem☆36Aug 23, 2025Updated 6 months ago
- Let sliver use msf payload!☆25Mar 23, 2025Updated 11 months ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- IDA plugin to make classes automatically☆20Oct 31, 2024Updated last year
- Just another casual shellcode native loader☆25Feb 3, 2022Updated 4 years ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- Dumping processes using a kernel-mode driver.☆20Nov 10, 2021Updated 4 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 9 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated 9 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- Awesome list of Living off the Land (LOL) methods, tools, and features commonly abused by attackers☆34Feb 28, 2026Updated last week
- ☆33Jan 23, 2025Updated last year
- Detect BypassUAC using AMSI☆29Feb 18, 2025Updated last year
- An example reference design for a proposed BOF PE☆201Jan 23, 2026Updated last month
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- RexLeo / ByPassDownLoadFile / Code By:Tas9er / A.E.0.S Security Team☆27May 8, 2025Updated 10 months ago
- ☆37Nov 8, 2024Updated last year
- Open platform for sharing confirmed Malware samples☆39Nov 9, 2024Updated last year
- Exploiting the KsecDD Windows driver through Server Silos☆77Nov 11, 2024Updated last year
- ☆50Jul 9, 2025Updated 8 months ago
- ☆86Jan 21, 2025Updated last year
- Table of AD and Azure assets and whether they belong to Tier Zero☆26Sep 12, 2023Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Independent hikari☆43Feb 3, 2026Updated last month
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year