Yet-Zio / WusaBypassUAC
UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and FuzzySecurity for their efforts
☆33Updated 3 years ago
Alternatives and similar repositories for WusaBypassUAC:
Users that are interested in WusaBypassUAC are comparing it to the libraries listed below
- C# loader capable of running stage-1 from remote url, file path as well as file share☆17Updated 2 years ago
- Making Shellcode fully undetectable using uuid☆23Updated 3 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Updated last year
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆54Updated 2 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆42Updated last year
- One gate to all syscalls!☆23Updated 2 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆31Updated 5 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- Hacky code for extracting calls in DLLs by function☆14Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 2 years ago
- API Hammering with C++20☆45Updated 2 years ago
- ☆21Updated 3 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆51Updated 2 years ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆16Updated 5 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.☆32Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Small POC for process ghosting☆39Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆38Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆38Updated last year
- Another AMSI bypass - but in C++.☆23Updated last year
- Simple and sane compression wrapper library.☆18Updated 2 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆27Updated 2 years ago
- ☆37Updated 3 years ago