Yet-Zio / WusaBypassUAC
UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and FuzzySecurity for their efforts
☆34Updated 3 years ago
Alternatives and similar repositories for WusaBypassUAC:
Users that are interested in WusaBypassUAC are comparing it to the libraries listed below
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆62Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆39Updated 4 years ago
- ☆39Updated 4 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆54Updated last year
- Injects shellcode into remote processes using direct syscalls☆77Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- Another AMSI bypass - but in C++.☆23Updated last year
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- Small POC for process ghosting☆39Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆16Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- A simple PE loader.☆25Updated 2 years ago
- API Hammering with C++20☆46Updated 2 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- ☆53Updated 2 years ago
- One gate to all syscalls!☆23Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆47Updated 2 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆54Updated 2 years ago
- Making Shellcode fully undetectable using uuid☆23Updated 3 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆31Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- Artemis - C++ Hell's Gate Syscall Implementation