boku7 / x64win-AddRdpAdminShellcode
64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"
☆37Updated 3 years ago
Alternatives and similar repositories for x64win-AddRdpAdminShellcode:
Users that are interested in x64win-AddRdpAdminShellcode are comparing it to the libraries listed below
- A simple injector that uses LoadLibraryA☆17Updated 4 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Updated 3 years ago
- Bypass Windows defender syscall☆18Updated 3 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆22Updated 2 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…☆20Updated 4 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆64Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- File Write Weapon for Privilege Escalation To get SYSTEM☆17Updated 4 years ago
- Get or remove RunMRU values☆53Updated 5 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆61Updated 2 years ago
- Collection of shellcode injection and execution techniques☆16Updated 3 years ago
- Recreating and reviewing the Windows persistence methods☆37Updated 3 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated 7 months ago
- ☆47Updated 3 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆18Updated 3 years ago
- NT AUTHORITY\SYSTEM☆37Updated 4 years ago
- Small POC for process ghosting☆39Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆30Updated 11 months ago
- Execute Mimikatz with different technique☆51Updated 3 years ago
- AMSI Bypass for powershell☆30Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Updated 2 years ago
- A .NET binary loader that bypasses AMSI☆44Updated 3 years ago
- Python 3 server used to control SK8RAT implant☆35Updated 4 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 2 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆18Updated last year
- One gate to all syscalls!☆23Updated 2 years ago
- Ransoblin (Ransomware Bokoblin)☆17Updated 4 years ago