Alternatives and similar repositories for RunAsSystem

Users that are interested in RunAsSystem are comparing it to the libraries listed below

• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 7 years ago
• two06 / AMSI_Handler
  Automate AV evasion by calling AMSI
  ☆87Updated 2 years ago
• Dankirk / RegSLScan
  A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
  ☆45Updated 6 years ago
• malcomvetter / AntiDebug
  PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.
  ☆32Updated 7 years ago
• ashr / netrefject
  Inject .Net payloads into other .Net assemblies on disk
  ☆61Updated 6 years ago
• jthuraisamy / CVE-2019-9730
  Synaptics Audio Driver LPE
  ☆37Updated 6 years ago
• homjxi0e / ReaCOM
  ReaCOM has got a lot of tools to use and is related to component object model
  ☆74Updated 5 years ago
• scottlundgren / w32time
  ☆53Updated 7 years ago
• umarfarook882 / Windows-InstallerBypass
  Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition
  ☆22Updated 6 years ago
• maaaaz / mimicertz
  A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
  ☆26Updated 7 years ago
• ThunderGunExpress / Reflective_Schtasks
  ☆54Updated 7 years ago
• tophertimzen / shellcodeTester
  GUI Application in C# to run and disassemble shellcode
  ☆36Updated 8 years ago
• cobbr / InsecurePowerShellHost
  InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…
  ☆31Updated 7 years ago
• irsl / CVE-2020-0728
  Proof of Concept code for CVE-2020-0728
  ☆47Updated 5 years ago
• 3gstudent / Eventlogedit-evt--General
  Remove individual lines from Windows Event Viewer Log (EVT) files
  ☆44Updated 4 years ago
• perturbed-platypus / UEFIWriteCSharp
  ☆42Updated 6 years ago
• kafkaesqu3 / subtee-gist-mirror
  few months old but better than nothing
  ☆58Updated 3 years ago
• roo7cause / Ps1jacker
  Ps1jacker is a tool for generating COM Hijacking payload.
  ☆60Updated 10 months ago
• glinares / CSCGuard
  Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation
  ☆25Updated 7 years ago
• 3gstudent / bitsadminexec
  Use bitsadmin to maintain persistence and bypass Autoruns
  ☆66Updated 8 years ago
• mattifestation / PoCSubjectInterfacePackage
  A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
  ☆100Updated 7 years ago
• 0xeb-bp / cve-2020-1015
  PoC for CVE-2020-1015
  ☆39Updated 5 years ago
• vletoux / DetectPasswordViaNTLMInFlow
  Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …
  ☆59Updated 6 years ago
• guardicore / vmware_guest_auth_bypass
  Proof of concept of VMSA-2017-0012
  ☆41Updated 8 years ago
• panagioto / Mimir
  A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…
  ☆45Updated 4 years ago
• nccgroup / WindowsDACLEnumProject
  A collection of tools to enumerate and analyse Windows DACLs
  ☆109Updated 10 years ago
• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆79Updated 5 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆48Updated 8 years ago
• perturbed-platypus / UEFIReadCSharp
  ☆33Updated 6 years ago
• St0rn / Windows-10-Exploit
  Windows 10 Exploit
  ☆30Updated 7 years ago