Alternatives and similar repositories for TrollUAC:

Users that are interested in TrollUAC are comparing it to the libraries listed below

• ZERODETECTION / MSC_Dropper
  ☆136Updated 5 months ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆193Updated 7 months ago
• cybersectroll / SharpPersistSD
  ☆85Updated 8 months ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆149Updated last year
• cybersectroll / TrollAMSI
  ☆161Updated 2 months ago
• OtterHacker / SetProcessInjection
  ☆146Updated last year
• rasta-mouse / CsWhispers
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆173Updated 10 months ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆170Updated 10 months ago
• ricardojoserf / NativeBypassCredGuard
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆212Updated last month
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆198Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 5 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆157Updated last month
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆31Updated 6 months ago
• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆164Updated last year
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆167Updated last week
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆175Updated 3 months ago
• rad9800 / FileRenameJunctionsEDRDisable
  ☆136Updated last month
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆191Updated 11 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆194Updated 2 months ago
• NtDallas / Svartalfheim
  Stage 0
  ☆140Updated last month
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆199Updated last month
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆153Updated 7 months ago
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆194Updated 7 months ago
• naksyn / Embedder
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆115Updated 7 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆82Updated 8 months ago
• mlcsec / EDRenum-BOF
  Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
  ☆112Updated 3 months ago
• securifybv / BOFRyptor
  ☆120Updated last year
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆153Updated 3 months ago
• Macmod / ldapx
  Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.
  ☆101Updated last month