Alternatives and similar repositories for UACHooker

Users that are interested in UACHooker are comparing it to the libraries listed below

• PorLaCola25 / ProcessDoppelganging
  Process doppelganging POC using direct system calls, PPID spoofing and dropbox as an external delivery channel for the payload.
  ☆15Updated 4 years ago
• AzAgarampur / byeintegrity5-uac
  Bypass UAC at any level by abusing the Task Scheduler and environment variables
  ☆31Updated 3 years ago
• Hagrid29 / herpaderply_hollowing
  Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping
  ☆56Updated 2 years ago
• pr0tean / TelemetrySourcerer-patched
  Tiny driver patch to allow kernel callbacks to work on Win10 21h1
  ☆34Updated 3 years ago
• Cerbersec / NtCreateUserProcess
  ☆12Updated 3 years ago
• benheise / TitanLdr
  Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
  ☆48Updated 3 years ago
• alfarom256 / PebLdr
  ☆15Updated 4 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆26Updated 2 years ago
• pwn1sher / RTImplant
  Just another casual shellcode native loader
  ☆24Updated 3 years ago
• arsium / BypassGetModuleBaseAddressAndGetExportAddress
  A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
  ☆20Updated 2 years ago
• lab52io / StealAllTokens
  This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…
  ☆55Updated 3 years ago
• AlionGreen / apc-injection
  Process Injection: APC Injection
  ☆32Updated 4 years ago
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆41Updated 4 years ago
• plackyhacker / Unhook-BitDefender
  Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.
  ☆54Updated last year
• AzAgarampur / byeintegrity-lite
  Bypass UAC by abusing shell protocol handlers
  ☆14Updated 3 years ago
• ProcessusT / PsNotifRoutineUnloader
  This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…
  ☆63Updated last year
• XaFF-XaFF / MBR-Overwrite-with-custom-message
  Overwrite MBR and add own custom message
  ☆17Updated 5 years ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆29Updated last year
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆35Updated 4 years ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆27Updated last year
• NATsCodes / ProcessHollowing
  Process Hollowing POC in CPP
  ☆15Updated 4 years ago
• passthehashbrowns / suspendedunhook
  ☆39Updated 4 years ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆48Updated last year
• S3cur3Th1sSh1t / SharpRDP
  Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
  ☆11Updated 4 years ago
• avarenina / Windows-PE-Injection
  PE Injection with ring3 hook bypass
  ☆10Updated 4 years ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• AzAgarampur / byeintegrity4-uac
  Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
  ☆18Updated 3 years ago
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆55Updated 2 years ago
• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆85Updated 2 years ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆41Updated 2 years ago