crisprss/BypassUserAdd external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

crisprss/BypassUserAdd

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/crisprss/BypassUserAdd)

Close

crisprss / BypassUserAddView on GitHubMore

• External links
• Readme badge

通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化

☆344Apr 10, 2022Updated 3 years ago

Alternatives and similar repositories for BypassUserAdd

Users that are interested in BypassUserAdd are comparing it to the libraries listed below

• yanghaoi / CobaltStrike_CNA

  View on GitHub
  使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。
  ☆554Jan 18, 2022Updated 4 years ago
• Rvn0xsy / PassDecode-jar

  View on GitHub
  帆软/致远密码解密工具
  ☆359Jul 29, 2021Updated 4 years ago
• Yihsiwei / GetOut360

  View on GitHub
  强制关闭360 需要管理员权限
  ☆170Feb 6, 2022Updated 4 years ago
• seventeenman / CallBackDump

  View on GitHub
  dump lsass进程工具
  ☆561Jul 20, 2023Updated 2 years ago
• An0nySec / UserAdd

  View on GitHub
  Bypass AV 用户添加
  ☆169Dec 30, 2021Updated 4 years ago
• mai1zhi2 / SharpBeacon

  View on GitHub
  CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
  ☆730Sep 1, 2021Updated 4 years ago
• exp1orer / JNDI-Inject-Exploit

  View on GitHub
  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
  ☆772Jan 26, 2022Updated 4 years ago
• crisprss / PetitPotam

  View on GitHub
  替代PrintBug用于本地提权的新方式，主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …
  ☆149Mar 13, 2022Updated 4 years ago
• JDArmy / DCSec

  View on GitHub
  域控安全one for all
  ☆736Sep 9, 2024Updated last year
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,468Apr 25, 2024Updated last year
• Rvn0xsy / SchtaskCreator

  View on GitHub
  远程创建任务计划工具
  ☆190Apr 23, 2022Updated 3 years ago
• JDArmy / RPCSCAN

  View on GitHub
  RPC远程主机信息匿名扫描工具
  ☆319Sep 30, 2022Updated 3 years ago
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆507May 20, 2022Updated 3 years ago
• lintstar / LSTAR

  View on GitHub
  LSTAR - CobaltStrike 综合后渗透插件
  ☆1,262Jan 30, 2022Updated 4 years ago
• lele8 / SharpUserIP

  View on GitHub
  获取服务器或域控登录日志
  ☆276Sep 8, 2023Updated 2 years ago
• Aquilao / GoTokenTheft

  View on GitHub
  Token stealing tool written by Go. Bypass Kaspersky,Defender,Avira, etc./Go 编写的 Token 窃取工具。免杀卡巴、Defender、小红伞等杀软
  ☆188Jan 16, 2025Updated last year
• hayasec / 360SafeBrowsergetpass

  View on GitHub
  这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
  ☆637Apr 4, 2021Updated 4 years ago
• 9bie / sshdHooker

  View on GitHub
  One-click injection into the SSHD process to record and send the password for ssh login
  ☆427Mar 12, 2024Updated 2 years ago
• novysodope / RMI_Inj_MemShell

  View on GitHub
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆253Jul 12, 2023Updated 2 years ago
• passer-W / shc_bypass

  View on GitHub
  内存加载shellcode绕过waf
  ☆209Jul 25, 2022Updated 3 years ago
• Ryze-T / cdb-wds

  View on GitHub
  利用白名单文件 cdb.exe 执行 shellcode
  ☆215Jun 29, 2022Updated 3 years ago
• lengjibo / NetUser

  View on GitHub
  使用windows api添加用户，可用于net无法使用时.分为nim版，c++版本，RDI版，BOF版。
  ☆421Sep 29, 2021Updated 4 years ago
• 0x727 / SchTask_0x727

  View on GitHub
  创建隐藏计划任务，权限维持，Bypass AV
  ☆559Sep 1, 2021Updated 4 years ago
• Peithon / JustC2file

  View on GitHub
  Burp插件，Malleable C2 Profiles生成器；可以通过Burp代理选中请求，生成Cobalt Strike的profile文件(CSprofile)
  ☆291Jan 15, 2022Updated 4 years ago
• JDArmy / SharpXDecrypt

  View on GitHub
  Xshell全版本密码恢复工具
  ☆931Jun 8, 2023Updated 2 years ago
• Adminisme / SharpRDPLog

  View on GitHub
  Windows rdp相关的登录记录导出工具，可用于后渗透中Windows服务器的信息收集阶段。输出内容包括：本地rdp端口、mstsc缓存、cmdkey缓存、登录成功、失败日志事件。
  ☆282Jun 23, 2024Updated last year
• Ciyfly / microwaveo

  View on GitHub
  将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密
  ☆368Sep 8, 2022Updated 3 years ago
• 0671 / RedisModules-ExecuteCommand-for-Windows

  View on GitHub
  可在Windows下执行系统命令的Redis模块，可用于Redis主从复制攻击。
  ☆264Nov 25, 2022Updated 3 years ago
• Wrin9 / weaverOA_sql_RCE

  View on GitHub
  泛微OA_V9全版本的SQL远程代码执行漏洞
  ☆157Apr 20, 2022Updated 3 years ago
• Dr-S1x17 / NoNetCmdEcho-FileW.e

  View on GitHub
  应对渗透中极限环境下命令回显 & 文件落地
  ☆132Jul 1, 2022Updated 3 years ago
• Tas9er / ByPassBehinder4J

  View on GitHub
  冰蝎Java WebShell自动化免杀生成
  ☆783Mar 15, 2022Updated 4 years ago
• FunnyWolf / TFirewall

  View on GitHub
  防火墙出网探测工具,内网穿透型socks5代理
  ☆269Nov 12, 2021Updated 4 years ago
• evilashz / SharpADUserIP

  View on GitHub
  提取DC日志，快速获取域用户对应IP地址
  ☆309Mar 21, 2022Updated 3 years ago
• czz1233 / GBByPass

  View on GitHub
  冰蝎 哥斯拉 WebShell bypass
  ☆763Jan 15, 2026Updated 2 months ago
• safe6Sec / PentestDB

  View on GitHub
  各种数据库的利用姿势
  ☆1,033Jan 3, 2025Updated last year
• safe6Sec / GolangBypassAV

  View on GitHub
  研究利用golang各种姿势bypassAV
  ☆816Apr 11, 2022Updated 3 years ago
• uknowsec / SharpEventLog

  View on GitHub
  c# 读取登录过本机的登录失败或登录成功（4624，4625）的所有计算机信息，在内网渗透中快速定位运维管理人员。
  ☆206Oct 15, 2019Updated 6 years ago
• SkewwG / domainTools

  View on GitHub
  内网域渗透小工具
  ☆733Apr 20, 2021Updated 4 years ago
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆310Aug 6, 2023Updated 2 years ago