S12cybersecurity / Admin2Sys
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
☆52Updated last year
Alternatives and similar repositories for Admin2Sys:
Users that are interested in Admin2Sys are comparing it to the libraries listed below
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆41Updated 10 months ago
- Fud Runpe Av Evasion / All Av Bypass☆32Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆68Updated last year
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆31Updated 3 years ago
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- Various methods of executing shellcode☆69Updated 2 years ago
- PDF Icon File Type Spoofer☆14Updated 8 months ago
- API Hammering with C++20☆45Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- User Mode Windows Rootkit☆57Updated last year
- Splitting and executing shellcode across multiple pages☆100Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆47Updated 10 months ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆53Updated 2 years ago
- Do some DLL SideLoading magic☆79Updated last year
- Rat Inject is C++ Executable to gain Undetectable Persistence in Windows via 4 Registry Keys☆28Updated 2 years ago
- Extracting Syscall Stub, Modernized☆63Updated 2 years ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆25Updated 9 months ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆73Updated this week
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆81Updated 2 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆46Updated 3 years ago
- Repository to gather the .NET malware I will be developing☆17Updated last week
- Example of C# heap injector for x64 and x86 shellcodes☆13Updated 2 years ago
- A Bumblebee-inspired Crypter☆80Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last year
- This is a simple example of DLL hijacking enabling proxy execution.☆66Updated last year
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆62Updated last year
- ☆112Updated 2 years ago