b4keSn4ke / Invoke-WinSATBypass
Powershell UAC Bypass script leveraging WinSAT.exe
☆15Updated 3 years ago
Alternatives and similar repositories for Invoke-WinSATBypass:
Users that are interested in Invoke-WinSATBypass are comparing it to the libraries listed below
- .bin file to shellcode convertor☆33Updated 7 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆55Updated 7 months ago
- Reasonably undetected shellcode stager and executer.☆35Updated 5 months ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆36Updated 2 years ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated 2 years ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆74Updated 8 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆21Updated 2 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆21Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique☆73Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆80Updated 4 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated 11 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆68Updated 9 months ago
- Havoc C2 profile generator☆70Updated 3 months ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆41Updated 4 months ago
- C# havoc implant☆98Updated 2 years ago
- A C# program featuring an all-in-one bypass for CLM, AppLocker and AMSI using Runspace.☆18Updated 2 years ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆58Updated last year
- ☆29Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆24Updated last year
- Small project to facilitate creation of .lnk payloads☆63Updated 2 years ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 7 months ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆79Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆73Updated 2 years ago
- Lifetime AMSI bypass.☆35Updated 7 months ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- ☆58Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 9 months ago
- Slide decks and/or materials from conference presentations☆55Updated 2 years ago