Wh04m1001 / IFaultrepElevatedDataCollectionUACLinks
☆133Updated 3 years ago
Alternatives and similar repositories for IFaultrepElevatedDataCollectionUAC
Users that are interested in IFaultrepElevatedDataCollectionUAC are comparing it to the libraries listed below
Sorting:
- Bypass Detection By Randomising ROR13 API Hashes☆142Updated 3 years ago
- A basic emulation of an "RPC Backdoor"☆242Updated 3 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆142Updated 3 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Updated 2 years ago
- ☆161Updated 2 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆100Updated 3 years ago
- Identify and exploit leaked handles for local privilege escalation.☆111Updated 2 years ago
- ☆88Updated 3 years ago
- Repository contains psexec, which will help to exploit the forgotten pipe☆172Updated last year
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆134Updated 3 years ago
- Winsocket for Cobalt Strike.☆102Updated 2 years ago
- POC tools for exploring SMB over QUIC protocol☆130Updated 3 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆203Updated 3 years ago
- AV/EDR evasion via direct system calls.☆108Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆181Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆124Updated 2 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆74Updated 3 years ago
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆176Updated 3 years ago
- ErebusGate for Nim Bypass AV/EDR☆164Updated 3 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆72Updated 3 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆101Updated 4 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Updated 2 years ago
- Implementation of Indirect Syscall technique to pop a calc.exe☆113Updated last year
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆221Updated 3 years ago
- Weaponized HellsGate/SigFlip☆205Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆157Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆133Updated 3 years ago