blue0x1 / uac-bypass-onelinersView external linksLinks
Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.
☆154Jan 7, 2025Updated last year
Alternatives and similar repositories for uac-bypass-oneliners
Users that are interested in uac-bypass-oneliners are comparing it to the libraries listed below
Sorting:
- Your syscall factory☆126Jan 13, 2026Updated last month
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆123May 29, 2024Updated last year
- ☆122Oct 9, 2023Updated 2 years ago
- Abuse leaked token handles.☆134Dec 14, 2023Updated 2 years ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- Extracting NetNTLM without touching lsass.exe☆242Nov 27, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆366Apr 19, 2023Updated 2 years ago
- ☆290Jul 20, 2023Updated 2 years ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆184Mar 14, 2025Updated 11 months ago
- ☆131Dec 4, 2023Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners☆375Jun 22, 2025Updated 7 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- ☆341Nov 10, 2025Updated 3 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- Lateral Movement via the .NET Profiler☆100Nov 21, 2024Updated last year
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- ☆151Oct 2, 2023Updated 2 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆202Dec 27, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- Some Rust program I wrote while learning Malware Development☆160Feb 4, 2025Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆155May 7, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆408Jan 11, 2026Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆167May 30, 2024Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆134Dec 20, 2022Updated 3 years ago
- ☆242May 5, 2024Updated last year
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆146Aug 15, 2024Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆671Aug 15, 2025Updated 6 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆22Feb 27, 2025Updated 11 months ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- A .NET malware loader, using API-Hashing to evade static analysis☆210May 30, 2023Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52May 8, 2024Updated last year
- Bypass LSA protection using the BYODLL technique☆171Sep 21, 2024Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆609Jan 2, 2025Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆407Sep 12, 2023Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆186Mar 4, 2024Updated last year
- Tool to remotely dump secrets from the Windows registry☆522Nov 18, 2025Updated 2 months ago
- ☆259Jan 21, 2024Updated 2 years ago