cybersectroll / TrollUACLinks
☆144Updated last year
Alternatives and similar repositories for TrollUAC
Users that are interested in TrollUAC are comparing it to the libraries listed below
Sorting:
- ☆151Updated 2 years ago
- ☆92Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆118Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 10 months ago
- ☆137Updated 11 months ago
- ☆159Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆101Updated last year
- Indirect Syscall with TartarusGate Approach in Go☆134Updated 7 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆102Updated 2 years ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆167Updated last year
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆115Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆163Updated 2 years ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆66Updated 2 years ago
- ☆126Updated last year
- Spoofing desktop login applications with WinForms and WPF☆176Updated last year
- Good CLR Host with Native patchless AMSI Bypass☆102Updated 9 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Updated last year
- ☆51Updated 7 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Updated last year
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆257Updated 4 months ago
- ☆122Updated 2 years ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Updated 9 months ago
- ☆83Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆124Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆104Updated 10 months ago
- Local & remote Windows DLL Proxying☆170Updated last year
- Hide your P/Invoke signatures through other people's signed assemblies☆211Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆165Updated 6 months ago