boku7 / x64win-AddRdpAdminShellcodeLinks
64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"
☆40Updated 4 years ago
Alternatives and similar repositories for x64win-AddRdpAdminShellcode
Users that are interested in x64win-AddRdpAdminShellcode are comparing it to the libraries listed below
Sorting:
- A simple injector that uses LoadLibraryA☆18Updated 4 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Updated 3 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- Small POC for process ghosting☆39Updated 3 years ago
- NT AUTHORITY\SYSTEM☆39Updated 4 years ago
- Remove API hooks from a Beacon process.☆14Updated 3 years ago
- Bypass Windows defender syscall☆18Updated 3 years ago
- One gate to all syscalls!☆23Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Updated last year
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 4 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- Extended Process List (Search functionality)☆29Updated 4 years ago
- Collection of shellcode injection and execution techniques☆17Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- Red Team C2 and Post Exploitation Code☆36Updated 2 months ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆62Updated 3 years ago
- File Write Weapon for Privilege Escalation To get SYSTEM☆18Updated 5 years ago
- Dell Driver EoP (CVE-2021-21551)☆32Updated 3 years ago
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- PoC code from blog☆16Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆53Updated 3 years ago
- C# project to Reflectively load .Net assemblies in memory☆17Updated 11 months ago
- I used this to see if an EDR is running in Safe Mode☆37Updated 4 years ago
- Tool to manage user privileges☆28Updated 5 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆43Updated 3 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Updated 3 years ago
- Run PowerShell command without invoking powershell.exe☆35Updated 3 years ago