expl0itabl3 / uac-bypass-cmstpView external linksLinks
Use CMSTP.exe to bypass UAC.
☆52Jun 24, 2022Updated 3 years ago
Alternatives and similar repositories for uac-bypass-cmstp
Users that are interested in uac-bypass-cmstp are comparing it to the libraries listed below
Sorting:
- Using LNK files and user input simulation to start processes under explorer.exe☆33Sep 21, 2024Updated last year
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Mar 15, 2024Updated last year
- ☆131Dec 4, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- ☆11Feb 12, 2023Updated 3 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executab…☆37Sep 28, 2023Updated 2 years ago
- Exploitation of process killer drivers☆202Oct 17, 2023Updated 2 years ago
- 过木马免杀制作器☆55Sep 26, 2023Updated 2 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 3 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆249Jun 11, 2024Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆209Nov 12, 2025Updated 3 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Example of C# heap injector for x64 and x86 shellcodes☆14Jan 1, 2023Updated 3 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- C# program to take a full size screenshot or a recording of the user's desktop. Takes in 0-3 flags☆83Oct 2, 2020Updated 5 years ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆201Jun 6, 2024Updated last year
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆314Aug 2, 2023Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆72May 14, 2022Updated 3 years ago
- Repository for dirty scripts and PoCs☆20Feb 18, 2025Updated 11 months ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆141Feb 27, 2023Updated 2 years ago
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Exploring in-memory execution of .NET☆138Apr 20, 2022Updated 3 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- ☆15Nov 19, 2023Updated 2 years ago
- Patch AMSI and ETW☆250May 8, 2024Updated last year
- CobaltStrike beacon in rust☆208Aug 10, 2024Updated last year
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆383Mar 8, 2023Updated 2 years ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 2 years ago
- A nim implementation of sRDI☆20Oct 18, 2023Updated 2 years ago
- shellcode loader by c++,免杀,bypass,☆15Sep 5, 2022Updated 3 years ago
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆138Dec 26, 2023Updated 2 years ago
- Threadless Process Injection using remote function hooking.☆808Sep 4, 2024Updated last year
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.☆89Nov 9, 2023Updated 2 years ago
- ManageEngine OpManager Decryption Tools☆32Sep 6, 2022Updated 3 years ago