boku7 / x64win-AddRdpAdminShellcodeLinks
64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"
☆41Updated 4 years ago
Alternatives and similar repositories for x64win-AddRdpAdminShellcode
Users that are interested in x64win-AddRdpAdminShellcode are comparing it to the libraries listed below
Sorting:
- JALSI - Just Another Lame Shellcode Injector☆30Updated 4 years ago
- A simple injector that uses LoadLibraryA☆18Updated 5 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Updated 5 years ago
- Injects shellcode into remote processes using direct syscalls☆77Updated 5 years ago
- Small POC for process ghosting☆40Updated 4 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 3 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 5 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 4 years ago
- Execute Mimikatz with different technique☆51Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆70Updated 3 years ago
- RDPThief donut shellcode inject into mstsc☆88Updated 4 years ago
- Run PowerShell command without invoking powershell.exe☆35Updated 4 years ago
- Recreating and reviewing the Windows persistence methods☆39Updated 4 years ago
- A .NET binary loader that bypasses AMSI☆45Updated 4 years ago
- I used this to see if an EDR is running in Safe Mode☆36Updated 4 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 5 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆37Updated 4 years ago
- Just another casual shellcode native loader☆25Updated 4 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated 2 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Updated last year
- One gate to all syscalls!☆23Updated 3 years ago
- all credits go to @mgeeky☆64Updated 4 years ago
- Extended Process List (Search functionality)☆29Updated 5 years ago
- IOXIDResolver from AirBus Security/PingCastle☆51Updated 5 years ago
- AppXSVC Service race condition - privilege escalation☆29Updated 6 years ago
- ☆55Updated 4 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Updated 5 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 3 years ago