S12cybersecurity / Admin2SysLinks
Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM
☆62Updated 2 years ago
Alternatives and similar repositories for Admin2Sys
Users that are interested in Admin2Sys are comparing it to the libraries listed below
Sorting:
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆44Updated last year
- API Hammering with C++20☆49Updated 3 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆84Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆68Updated 4 years ago
- A Bumblebee-inspired Crypter☆78Updated 2 years ago
- ☆118Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆90Updated 3 years ago
- Various methods of executing shellcode☆72Updated 2 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆64Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆115Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆51Updated 3 years ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆99Updated 3 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆72Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆89Updated 2 years ago
- Extracting Syscall Stub, Modernized☆65Updated 3 years ago
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆65Updated 2 years ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- Patch AMSI and ETW in remote process via direct syscall