connormcgarr / Kernel-Escalation-of-Privileges-Payloads
NT AUTHORITY\SYSTEM
☆39Updated 4 years ago
Alternatives and similar repositories for Kernel-Escalation-of-Privileges-Payloads:
Users that are interested in Kernel-Escalation-of-Privileges-Payloads are comparing it to the libraries listed below
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆35Updated 9 years ago
- Recreating and reviewing the Windows persistence methods☆38Updated 3 years ago
- ☆22Updated 4 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/☆36Updated 3 years ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- Enabled / Disable LSA Protection via BYOVD☆66Updated 3 years ago
- ☆31Updated 4 years ago
- An Xdbg Plugin of the ERC Library.☆26Updated last year
- ☆82Updated 7 months ago
- Process Injection without R/W target memory and without creating a remote thread☆18Updated 3 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆32Updated 3 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆62Updated 3 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 3 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆9Updated last year
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆69Updated 3 years ago
- File Write Weapon for Privilege Escalation To get SYSTEM☆18Updated 4 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆38Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- Yet another Windows DLL injector.☆38Updated 3 years ago
- ☆28Updated 5 months ago
- Parser for a custom executable format from Hidden Bee malware (first stage)☆41Updated 6 months ago
- Example for PagedOut!☆24Updated 5 years ago
- Rite Of Passage ROP Injector☆34Updated 5 years ago
- Clone running process with ZwCreateProcess☆57Updated 4 years ago
- Cross-platform malware development library for anti-analysis techniques☆24Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆15Updated 4 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago