arsium / BypassUACLinks
A rework of CMLuaUtil AutoElevated
☆29Updated 3 years ago
Alternatives and similar repositories for BypassUAC
Users that are interested in BypassUAC are comparing it to the libraries listed below
Sorting:
- Windows shellcode encoding and encrypting tool☆20Updated 3 years ago
- A stealthy C++ shellcode loader using anti-analysis checks, AES-256 decryption, and dynamic memory permissions to evade detection. Includ…☆21Updated 10 months ago
- Fud Runpe Av Evasion / All Av Bypass☆32Updated 2 years ago
- My personal shellcode loader☆32Updated 2 years ago
- A small shellcode loader library written in C#☆48Updated 4 years ago
- NanoCore rat stub source code☆38Updated 3 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Updated 4 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Updated 2 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆75Updated 3 years ago
- Use CMSTP.exe to bypass UAC.☆52Updated 3 years ago
- Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.☆57Updated 2 years ago
- ☆20Updated 2 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Updated last year
- Load static-compiled PE from remote server.☆68Updated 4 years ago
- ☆51Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆181Updated 3 years ago
- Remote administration tool with native client☆44Updated 8 months ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 4 years ago
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆83Updated 3 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52Updated last year
- Disable Windows Defender Silently (ByPass TamperProtection & ByPass Trustednstaller)☆36Updated 5 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆142Updated last week
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Updated 3 years ago
- MappingInjection via csharp☆40Updated 4 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Updated 2 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆75Updated last month
- It stinks☆105Updated 3 years ago
- Exploring in-memory execution of .NET☆138Updated 3 years ago
- CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day☆52Updated 3 years ago
- ☆41Updated 2 years ago