hackerhouse-opensource / Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.
☆290Updated last year
Alternatives and similar repositories for Stinger
Users that are interested in Stinger are comparing it to the libraries listed below
Sorting:
- Kill AV/EDR leveraging BYOVD attack☆353Updated last year
- Amsi Bypass payload that works on Windwos 11☆377Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆551Updated 4 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆508Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆290Updated 11 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆361Updated 5 months ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆409Updated 10 months ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆354Updated 4 months ago
- yet another AV killer tool using BYOVD☆270Updated last year
- ☆163Updated last year
- ☆172Updated 6 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- AV bypass while you sip your Chai!☆221Updated 11 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆198Updated 11 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆272Updated last month
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆302Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆184Updated 7 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆255Updated 9 months ago
- ☆187Updated last year
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆173Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆189Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆301Updated 6 months ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆516Updated 11 months ago
- ☆318Updated last month
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆459Updated last month
- Lateral Movement Using DCOM and DLL Hijacking☆291Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆407Updated 9 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆310Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆253Updated last year
- ☆277Updated last year