blue0x1 / uac-bypass-oneliners
Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.
☆105Updated 3 months ago
Alternatives and similar repositories for uac-bypass-oneliners:
Users that are interested in uac-bypass-oneliners are comparing it to the libraries listed below
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆154Updated last month
- A POC to disable TamperProtection and other Defender / MDE components☆208Updated 10 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆60Updated 9 months ago
- Sleep obfuscation☆216Updated 4 months ago
- Patching AmsiOpenSession by forcing an error branching☆145Updated last year
- ☆153Updated 8 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 10 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆105Updated 4 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆100Updated 2 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆224Updated 2 years ago
- ☆151Updated last year
- Havoc C2 profile generator☆77Updated 5 months ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆99Updated last year
- Bypass LSA protection using the BYODLL technique☆157Updated 7 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆123Updated last week
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated 9 months ago
- ☆170Updated 5 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆97Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆205Updated 2 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆160Updated 10 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆328Updated 2 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 3 weeks ago
- ☆122Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆150Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆187Updated 4 months ago
- A set of programs for analyzing common vulnerabilities in COM☆210Updated 7 months ago
- .bin file to shellcode convertor☆34Updated 9 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆173Updated 2 months ago
- ☆180Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆118Updated 10 months ago