cybersectroll/TrollUAC external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cybersectroll/TrollUAC

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cybersectroll/TrollUAC)

Close

cybersectroll / TrollUACView on GitHubMore

• External links
• Readme badge

☆143May 22, 2024Updated last year

Alternatives and similar repositories for TrollUAC

Users that are interested in TrollUAC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cybersectroll / TrollAMSI

  View on GitHub
  ☆188Jun 14, 2025Updated 9 months ago
• cybersectroll / SharpPersistSD

  View on GitHub
  ☆91May 15, 2024Updated last year
• thiagopeixoto / mystique-self-injection

  View on GitHub
  An improvement and a different approach to Mockingjay Self-Injection.
  ☆35May 21, 2024Updated last year
• cybersectroll / TrollDump

  View on GitHub
  ☆84May 19, 2024Updated last year
• antonioCoco / SspiUacBypass

  View on GitHub
  Bypassing UAC with SSPI Datagram Contexts
  ☆465Sep 24, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• nettitude / TokenCert

  View on GitHub
  TokenCert
  ☆102Nov 15, 2024Updated last year
• AlteredSecurity / Disable-TamperProtection

  View on GitHub
  A POC to disable TamperProtection and other Defender / MDE components
  ☆255Jun 6, 2024Updated last year
• xct / CVE-2024-27460

  View on GitHub
  Plantronics Desktop Hub LPE
  ☆37May 15, 2024Updated last year
• KiExitDispatcher / EDR-XDR-AV-Killer

  View on GitHub
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆292Apr 21, 2025Updated 11 months ago
• vxCrypt0r / AMSI_VEH

  View on GitHub
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆170May 30, 2024Updated last year
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV

  View on GitHub
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆291May 27, 2024Updated last year
• Cipher7 / ChaiLdr

  View on GitHub
  AV bypass while you sip your Chai!
  ☆223May 17, 2024Updated last year
• huntandhackett / PassiveAggression

  View on GitHub
  Source code and examples for PassiveAggression
  ☆64Jun 6, 2024Updated last year
• rasta-mouse / CsWhispers

  View on GitHub
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆192Mar 4, 2024Updated 2 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• naksyn / DojoLoader

  View on GitHub
  Generic PE loader for fast prototyping evasion techniques
  ☆245Jul 2, 2024Updated last year
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆210Jun 10, 2024Updated last year
• itm4n / PPLrevenant

  View on GitHub
  Bypass LSA protection using the BYODLL technique
  ☆177Sep 21, 2024Updated last year
• rweijnen / createdump

  View on GitHub
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆153Sep 20, 2024Updated last year
• mlcsec / FormThief

  View on GitHub
  Spoofing desktop login applications with WinForms and WPF
  ☆177Feb 19, 2024Updated 2 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆375Apr 19, 2023Updated 2 years ago
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆702May 7, 2025Updated 11 months ago
• wwh1004 / AmsiBypassUacDetector

  View on GitHub
  Detect BypassUAC using AMSI
  ☆29Feb 18, 2025Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• MzHmO / Parasite-Invoke

  View on GitHub
  Hide your P/Invoke signatures through other people's signed assemblies
  ☆210Mar 10, 2024Updated 2 years ago
• decoder-it / ADCSCoercePotato

  View on GitHub
  ☆245May 5, 2024Updated last year
• sexyiam / UAC-Bypass

  View on GitHub
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆52May 8, 2024Updated last year
• nettitude / SharpConflux

  View on GitHub
  ☆65Mar 15, 2024Updated 2 years ago
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆234Feb 12, 2025Updated last year
• Slowerzs / PPLSystem

  View on GitHub
  ☆206May 29, 2024Updated last year
• Xre0uS / MultiDump

  View on GitHub
  MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
  ☆537Nov 14, 2025Updated 4 months ago
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆250Jun 11, 2024Updated last year
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆269Apr 8, 2025Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Meowmycks / LetMeowIn

  View on GitHub
  A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
  ☆445Jul 8, 2024Updated last year
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆593Jun 12, 2024Updated last year
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆639May 8, 2025Updated 11 months ago
• WKL-Sec / LayeredSyscall

  View on GitHub
  Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …
  ☆301Jul 31, 2024Updated last year
• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆234Oct 8, 2024Updated last year
• icyguider / UAC-BOF-Bonanza

  View on GitHub
  Collection of UAC Bypass Techniques Weaponized as BOFs
  ☆617Feb 21, 2024Updated 2 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆283Sep 18, 2024Updated last year