blue0x1 / uac-bypass-oneliners
Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applications to elevate privileges.
☆104Updated 2 months ago
Alternatives and similar repositories for uac-bypass-oneliners:
Users that are interested in uac-bypass-oneliners are comparing it to the libraries listed below
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆147Updated last week
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆94Updated 3 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆88Updated 9 months ago
- ☆144Updated 7 months ago
- (0day) Local Privilege Escalation in IObit Malware Fighter☆116Updated 2 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆59Updated 8 months ago
- Patching AmsiOpenSession by forcing an error branching☆143Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆319Updated last year
- Havoc C2 profile generator☆74Updated 4 months ago
- ☆121Updated last year
- Sleep obfuscation☆210Updated 3 months ago
- A POC to disable TamperProtection and other Defender / MDE components☆200Updated 9 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 9 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆96Updated last year
- Evade EDR's the simple way, by not touching any of the API's they hook.☆89Updated last month
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆176Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆199Updated 6 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆181Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆195Updated last month
- ☆181Updated last year
- Bypass LSA protection using the BYODLL technique☆155Updated 6 months ago
- Windows Kernel Offensive Toolset☆119Updated 6 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆214Updated last year
- Do some DLL SideLoading magic☆79Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆202Updated 2 years ago
- Evasive Golang Loader☆129Updated 7 months ago
- ☆149Updated last year
- Generic PE loader for fast prototyping evasion techniques☆228Updated 8 months ago