CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive
☆111Feb 2, 2026Updated last month
Alternatives and similar repositories for CompMgmtLauncher_DLL_UACBypass
Users that are interested in CompMgmtLauncher_DLL_UACBypass are comparing it to the libraries listed below
Sorting:
- ☆132Oct 14, 2022Updated 3 years ago
- Weaponized HellsGate/SigFlip☆203Jun 7, 2023Updated 2 years ago
- Bypass LSA protection using the BYODLL technique☆172Sep 21, 2024Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- ☆292Jul 20, 2023Updated 2 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆34Feb 2, 2026Updated last month
- Bypassing UAC with SSPI Datagram Contexts☆461Sep 24, 2023Updated 2 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++☆260Jun 14, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- ☆79Aug 2, 2023Updated 2 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…☆398Aug 2, 2023Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆225Jul 25, 2023Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 3 months ago
- ☆223Oct 22, 2023Updated 2 years ago
- ☆101Oct 7, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles☆54Nov 21, 2024Updated last year
- A PoC for achieving persistence via push notifications on Windows☆48Jun 9, 2023Updated 2 years ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆314Aug 2, 2023Updated 2 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆204Dec 27, 2023Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- A C# Command & Control framework☆1,026Mar 28, 2024Updated last year
- Spartacus DLL/COM Hijacking Toolkit☆1,083Feb 1, 2024Updated 2 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago
- UAC bypass for x64 Windows 7 - 11☆832Feb 2, 2026Updated last month
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Aug 25, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆242Sep 26, 2023Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆277Apr 17, 2023Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆407Aug 22, 2023Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆508Aug 10, 2023Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆676Dec 23, 2022Updated 3 years ago