Bypass UAC elevation on Windows 8 (build 9600) & above.
☆58Feb 2, 2026Updated last month
Alternatives and similar repositories for envschtasksuacbypass
Users that are interested in envschtasksuacbypass are comparing it to the libraries listed below
Sorting:
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.☆83Feb 2, 2026Updated last month
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆143Feb 2, 2026Updated last month
- CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation☆23Feb 2, 2026Updated last month
- Implementation of ITaskHandler in C++☆14Feb 11, 2023Updated 3 years ago
- ☆132Oct 14, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- UAC bypass by abusing RPC and debug objects.☆627Oct 19, 2023Updated 2 years ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- ☆143May 17, 2023Updated 2 years ago
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆67Oct 9, 2022Updated 3 years ago
- A PoC tool for exploiting leaked process and thread handles☆32Feb 13, 2024Updated 2 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Aug 31, 2022Updated 3 years ago
- POC for frustrating/defeating Malware Analysts☆156Jun 12, 2022Updated 3 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- ☆60Jun 26, 2022Updated 3 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆71Mar 25, 2022Updated 3 years ago
- ☆57Apr 19, 2023Updated 2 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- Windows shellcode encoding and encrypting tool☆20May 4, 2022Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆85Apr 28, 2022Updated 3 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆22Jan 15, 2025Updated last year
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆64Jul 11, 2023Updated 2 years ago
- A kernel mode Windows rootkit in development.☆49Dec 31, 2021Updated 4 years ago
- ☆184Jul 2, 2022Updated 3 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆35Feb 2, 2026Updated last month
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- some gadgets about windows process and ready to use :)☆611Oct 7, 2023Updated 2 years ago
- Exploit for CVE-2022-30206☆76Sep 25, 2022Updated 3 years ago
- Minifilter Callback Patching Proof-of-Concept☆74Oct 31, 2022Updated 3 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago