bytecode77 / slui-file-handler-hijack-privilege-escalation
Slui File Handler Hijack UAC Bypass Local Privilege Escalation
☆92Updated 3 years ago
Alternatives and similar repositories for slui-file-handler-hijack-privilege-escalation:
Users that are interested in slui-file-handler-hijack-privilege-escalation are comparing it to the libraries listed below
- Injects shellcode into remote processes using direct syscalls☆78Updated 4 years ago
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- PoC designed to evade userland-hooking anti-virus.☆88Updated 5 years ago
- Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM☆115Updated 5 years ago
- C++ implant that interfaces with a SK8PARK server☆49Updated 3 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆41Updated 4 years ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆88Updated 5 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆27Updated 6 years ago
- AmsiScanBufferBypass using D/Invoke☆133Updated 3 years ago
- Shellcode injector using direct syscalls☆119Updated 4 years ago
- C++ function that will automagically unhook a specified Windows API☆62Updated 4 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- Evasive Process Hollowing Techniques☆139Updated 4 years ago
- ☆13Updated 8 years ago
- Assembly block for hooking windows API functions.☆90Updated 5 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆151Updated 4 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆188Updated 5 years ago
- Convert PE files to a shellcode☆75Updated 5 years ago
- A simple COM server which provides a component to run shellcode☆134Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆116Updated 4 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆157Updated 5 years ago
- This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of alm…☆107Updated 2 years ago
- Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.☆84Updated 5 years ago
- Initial Commit of Coresploit☆56Updated 3 years ago
- Server/Client SOCKS5 (RFC 1928) in Reverse mode on Windows☆35Updated 6 years ago
- Simple Process Hollowing in C#☆69Updated 7 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla…☆121Updated 3 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆75Updated 5 years ago
- Shellcode to load an appended Dll☆88Updated 4 years ago