S12cybersecurity / Admin2Sys
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
☆54Updated last year
Alternatives and similar repositories for Admin2Sys:
Users that are interested in Admin2Sys are comparing it to the libraries listed below
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆41Updated 11 months ago
- User Mode Windows Rootkit☆59Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- PDF Icon File Type Spoofer☆14Updated 9 months ago
- This is a simple example of DLL hijacking enabling proxy execution.☆66Updated 2 years ago
- Repository to gather the .NET malware I will be developing☆18Updated last month
- Classic Process Injection with Memory Evasion Techniques implemantation☆69Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆84Updated 2 years ago
- Extracting Syscall Stub, Modernized☆63Updated 3 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- Example of C# heap injector for x64 and x86 shellcodes☆14Updated 2 years ago
- ☆36Updated 2 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆47Updated 11 months ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆48Updated 3 years ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆58Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82Updated last year
- A .NET binary loader that bypasses AMSI☆45Updated 3 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 10 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆25Updated 10 months ago
- Change hash for a signed pe☆16Updated last year
- Halos Gate-based NTAPI Unhooker☆52Updated 3 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Updated last year
- How to spoof the command line when spawning a new process from C#.☆106Updated 3 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls.☆11Updated last year
- Splitting and executing shellcode across multiple pages☆100Updated last year
- API Hammering with C++20☆46Updated 2 years ago
- Various methods of executing shellcode☆70Updated 2 years ago