S12cybersecurity / Admin2SysLinks
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
☆63Updated 2 years ago
Alternatives and similar repositories for Admin2Sys
Users that are interested in Admin2Sys are comparing it to the libraries listed below
Sorting:
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆44Updated last year
- Extracting Syscall Stub, Modernized☆66Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- Various methods of executing shellcode☆72Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆84Updated 2 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆67Updated 4 years ago
- A Bumblebee-inspired Crypter☆78Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆51Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆64Updated 3 years ago
- UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz…☆34Updated 4 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last month
- Kernel Mode Driver for Elevating Process Privileges☆134Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆90Updated 2 years ago
- API Hammering with C++20☆49Updated 3 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- ☆118Updated 2 years ago
- How to spoof the command line when spawning a new process from C#.☆109Updated 3 years ago
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Updated 2 years ago
- Another AMSI bypass - but in C++.☆23Updated 2 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆62Updated last year
- Deleting Shadow Copies In Pure C++☆115Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆73Updated 2 years ago
- Fud Runpe Av Evasion / All Av Bypass☆33Updated 2 years ago
- A string obfuscator for .NET apps, built to evade static string analysis.☆109Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆90Updated 3 years ago
- A C# port of the MinHook API hooking library☆56Updated 3 years ago
- My adventures in learning about different userland malware techniques, such as syscalls, injection, unhooking or sandbox evasion.☆78Updated last year
- ☆16Updated 4 years ago