S12cybersecurity / Admin2Sys
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
☆49Updated last year
Alternatives and similar repositories for Admin2Sys:
Users that are interested in Admin2Sys are comparing it to the libraries listed below
- API Hammering with C++20☆45Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆41Updated 9 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year
- PDF Icon File Type Spoofer☆13Updated 7 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆39Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated last year
- Extracting Syscall Stub, Modernized☆62Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆45Updated 9 months ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆45Updated 3 years ago
- using the gpu to hide your payload☆54Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆50Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆99Updated last year
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆51Updated 2 years ago
- Swiss army knife for payload encryption and obfuscation☆21Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆73Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆83Updated 2 years ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆72Updated 4 years ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 9 months ago
- A Bumblebee-inspired Crypter☆80Updated 2 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆65Updated last year
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆58Updated 4 months ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆103Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆30Updated 7 months ago
- Another AMSI bypass - but in C++.☆23Updated last year