Alternatives and similar repositories for uac-bypass-oneliners

Users that are interested in uac-bypass-oneliners are comparing it to the libraries listed below

• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.
  ☆174Updated 5 months ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆228Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆79Updated 4 months ago
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆116Updated 8 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆153Updated 3 weeks ago
• brosck / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆161Updated 8 months ago
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆123Updated last month
• andreisss / Ghosting-AMSI
  Ghosting-AMSI
  ☆211Updated 4 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆231Updated 8 months ago
• BlackSnufkin / NyxInvoke
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆223Updated 6 months ago
• Darkrain2009 / RedExt
  Chrome browser extension-based Command & Control
  ☆166Updated last month
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆162Updated last year
• BlackShell256 / Null-AMSI
  Null-AMSI is an AMSI and ETW bypass that takes advantage of .NET types (.NET Reflection) to bypassing AV/EDR.
  ☆72Updated last month
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆252Updated 4 months ago
• MzHmO / Parasite-Invoke
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆211Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆192Updated last year
• Maldev-Academy / Christmas
  ☆260Updated last year
• ZERODETECTION / MSC_Dropper
  ☆194Updated last year
• nixpal / shellsilo
  SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…
  ☆139Updated 3 weeks ago
• synacktiv / DLHell
  Local & remote Windows DLL Proxying
  ☆165Updated last year
• boku7 / patchwerk
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆187Updated 6 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆192Updated 9 months ago
• cybersectroll / TrollAMSI
  ☆182Updated 2 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆91Updated last year
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆97Updated last week
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆153Updated last year
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆87Updated 4 months ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆176Updated last year
• Tylous / Mangle
  Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
  ☆88Updated 2 years ago