A C implementation of the Sektor7 "A Thief" Windows privesc technique.
☆70Mar 25, 2022Updated 3 years ago
Alternatives and similar repositories for CanYouCTheThief
Users that are interested in CanYouCTheThief are comparing it to the libraries listed below
Sorting:
- ☆17Apr 18, 2023Updated 2 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆37Sep 14, 2023Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- Beacon Object File PoC implementation of KillDefender☆235Apr 12, 2022Updated 3 years ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- C# Utilities for Windows Notification Facility☆159Apr 14, 2025Updated 10 months ago
- Overwrite a process's recovery callback and execute with WER☆102Apr 17, 2022Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆100Mar 27, 2022Updated 3 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆553Dec 3, 2023Updated 2 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 2 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- It stinks☆103Apr 22, 2022Updated 3 years ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Detect strange memory regions and DLLs☆189Jan 20, 2022Updated 4 years ago
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- Zipper, a CobaltStrike file and folder compression utility.☆222Jan 18, 2020Updated 6 years ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆102Aug 25, 2022Updated 3 years ago
- A simple program to hook the current process to identify the manual syscall executions on windows☆265Nov 18, 2022Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆129Apr 24, 2022Updated 3 years ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆87Apr 26, 2025Updated 10 months ago
- ☆170Jan 7, 2022Updated 4 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- ☆16Apr 21, 2023Updated 2 years ago
- Plaform independent reverse shell over https☆11Mar 2, 2020Updated 6 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Right-To-Left Override POC☆35Mar 21, 2022Updated 3 years ago