eladshamir / SharpElevator

SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and published in his brilliant post at: https://googleprojectzero.blogspot.com/2019/12/calling-local-windows-rpc-servers-from.html

☆49

Related projects ⓘ

Alternatives and complementary repositories for SharpElevator

Mav3rick33 / ZenLdr
Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature
☆95Updated last year
Octoberfest7 / JumpSession_BOF
Beacon Object File allowing creation of Beacons in different sessions.
☆76Updated 2 years ago
ScriptIdiot / sleepmask_PatchlessHook
Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
☆78Updated last year
werdhaihai / SharpAltShellCodeExec
Alternative Shellcode Execution Via Callbacks in C# with P/Invoke
☆72Updated last year
S4ntiagoP / freeBokuLoader
A simple BOF that frees UDRLs
☆109Updated 2 years ago
d4rkiZ / EmbedExeLnk-
EmbedExeLnk by x86matthew modified by d4rkiZ
☆29Updated last year
xforcered / BOFMask
☆119Updated last year
REDMED-X / InjectKit
Modified versions of the Cobalt Strike Process Injection Kit
☆88Updated 10 months ago
snovvcrash / BOFs
Beacon Object Files (not Buffer Overflows)
☆51Updated last year
trustedsec / PPLFaultDumpBOF
☆133Updated last year
MrAle98 / BOF-RunPE
☆51Updated last year
klezVirus / SharpLdapRelayScan
C# Port of LdapRelayScan
☆77Updated 2 years ago
fin3ss3g0d / IoDllProxyLoad
DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
☆58Updated 8 months ago
GetRektBoy724 / SharpHalos
My implementation of Halo's Gate technique in C#
☆53Updated 2 years ago
c3r3br4t3 / ShadowRDP
☆62Updated 9 months ago
netero1010 / Quser-BOF
Cobalt Strike BOF for quser.exe implementation using Windows API
☆83Updated last year
weaselsec / ClickOnce-AppDomain-Manager-Injection
Click Once + App Domain
☆62Updated 11 months ago
CICADA8-Research / TypeLibWalker
TypeLib persistence technique
☆75Updated last month
GetRektBoy724 / HalosUnhooker
Halos Gate-based NTAPI Unhooker
☆49Updated 2 years ago
parzel / GoSleepyCrypt
In-memory sleep encryption and heap encryption for Go applications through a shellcode function.
☆39Updated 10 months ago
williamknows / BOF.NET
A .NET Runtime for Cobalt Strike's Beacon Object Files
☆59Updated last month
ceramicskate0 / SharpExchange
C# Tool to interact with MS Exchange based on MS docs
☆98Updated last year
susMdT / AceLdr
Cobalt Strike UDRL for memory scanner evasion.
☆36Updated 11 months ago
X-C3LL / SharpNTLMRawUnHide
C# version of NTLMRawUnHide
☆72Updated 2 years ago
netero1010 / TrustedPath-UACBypass-BOF
Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…
☆118Updated 3 years ago
Yair-Men / Passenger
ProcExp Driver (Ab)use
☆20Updated last year
dis0rder0x00 / ParentProcessManipulation-LNK
Using LNK files and user input simulation to start processes under explorer.exe
☆23Updated 2 months ago
EspressoCake / DLL-Exports-Extraction-BOF
DLL Exports Extraction BOF with optional NTFS transactions.
☆78Updated 3 years ago
EspressoCake / Defender-Exclusions-Creator-BOF
☆76Updated last year