bytecode77 / slui-file-handler-hijack-privilege-escalation
Slui File Handler Hijack UAC Bypass Local Privilege Escalation
☆92Updated 2 years ago
Alternatives and similar repositories for slui-file-handler-hijack-privilege-escalation:
Users that are interested in slui-file-handler-hijack-privilege-escalation are comparing it to the libraries listed below
- Weaponizing Gigabyte driver for priv escalation and bypass PPL☆68Updated 5 years ago
- Lonely x64 binary to Bypass Win10 UAC utilizing ALPC method with [command line]☆32Updated last year
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆95Updated 5 years ago
- Injects shellcode into remote processes using direct syscalls☆76Updated 4 years ago
- Convert PE files to a shellcode☆74Updated 4 years ago
- Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM☆114Updated 5 years ago
- A simple COM server which provides a component to run shellcode☆133Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- Shellcode injector using direct syscalls☆119Updated 4 years ago
- APC DLL Injector with NtQueueApcThread and wake up thread support☆43Updated 7 years ago
- Evasive Process Hollowing Techniques☆137Updated 4 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆74Updated 5 years ago
- C++ implant that interfaces with a SK8PARK server☆49Updated 3 years ago
- C++ function that will automagically unhook a specified Windows API☆62Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆100Updated 2 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆156Updated 5 years ago
- medium-rare☆28Updated 5 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆28Updated 3 years ago
- AmsiScanBufferBypass using D/Invoke☆131Updated 3 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆151Updated 4 years ago
- Shellcode to load an appended Dll☆88Updated 4 years ago
- ☆148Updated 4 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆195Updated 4 years ago
- External C2 Using IE COM Objects☆98Updated 6 years ago
- foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV☆111Updated 3 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 4 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆119Updated 5 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆40Updated 3 years ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆89Updated 4 years ago
- PoC designed to evade userland-hooking anti-virus.☆88Updated 5 years ago