SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and update processes.
☆263Feb 2, 2026Updated 5 months ago
Alternatives and similar repositories for SetupHijack
Users that are interested in SetupHijack are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 10 months ago
- "Service-less" driver loading☆189Nov 28, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆223Jan 18, 2025Updated last year
- This is the tool to dump the LSASS process on modern Windows 11☆591May 23, 2026Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆55May 12, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.☆73Mar 24, 2026Updated 3 months ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆32Sep 15, 2025Updated 9 months ago
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆62Sep 7, 2024Updated last year
- This code silently installs Chrome extensions on Mac, Windows, and Linux☆166Jul 22, 2025Updated 11 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆177Sep 22, 2025Updated 9 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆19Jun 26, 2025Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆366Mar 17, 2026Updated 3 months ago
- Project for generating and identifying deceptive LNK files.☆372Mar 8, 2026Updated 4 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆361Nov 19, 2024Updated last year
- Lateral movement with DCOM DLL hijacking☆180Jul 4, 2025Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Process Injection using Thread Name☆310Apr 18, 2025Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆64Nov 8, 2024Updated last year
- Sleep obfuscation☆274Dec 13, 2024Updated last year
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆194May 23, 2026Updated last month
- Bypass user-land hooks by syscall tampering via the Trap Flag☆140Aug 25, 2025Updated 10 months ago
- Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75☆40Sep 16, 2025Updated 9 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Local SYSTEM auth trigger for relaying - X☆158Jul 23, 2025Updated 11 months ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- A runtime for developing large-scale and complex shellcode.☆21Jun 29, 2026Updated last week
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆74Dec 26, 2025Updated 6 months ago
- ☆37Apr 15, 2025Updated last year
- Proof-of-Concept tool for extracting credential material from protected sessions on modern Windows systems.☆701May 9, 2026Updated last month
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆443Jun 27, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 9 months ago
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated 5 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆58Apr 14, 2025Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆346May 4, 2026Updated 2 months ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆138Dec 20, 2022Updated 3 years ago
- ACL Viewer for Windows☆133May 4, 2025Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆42Aug 28, 2024Updated last year
- Rust crate to run commands as another user☆59Feb 12, 2026Updated 4 months ago