ethereal-vx / Persistence
Recreating and reviewing the Windows persistence methods
☆39Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for Persistence
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- ☆37Updated 3 years ago
- ☆58Updated 2 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- ☆31Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆33Updated 4 years ago
- ☆49Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls☆75Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆97Updated last year
- Enabled / Disable LSA Protection via BYOVD☆62Updated 2 years ago
- ☆14Updated 2 years ago
- ☆79Updated 2 years ago
- API Hammering with C++20☆34Updated 2 years ago
- Overwrite a process's recovery callback and execute with WER☆102Updated 2 years ago
- ☆36Updated 2 years ago
- NT AUTHORITY\SYSTEM☆38Updated 4 years ago
- A simple COM server which provides a component to run shellcode☆132Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆61Updated 2 years ago
- ☆67Updated last year
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 2 years ago
- ☆98Updated 2 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- ☆76Updated 2 months ago