rara64 / GetTrustedInstallerLinks
Make an executable run with TrustedInstaller permissions under SYSTEM account.
☆44Updated 5 years ago
Alternatives and similar repositories for GetTrustedInstaller
Users that are interested in GetTrustedInstaller are comparing it to the libraries listed below
Sorting:
- This is a simple example of DLL hijacking enabling proxy execution.☆65Updated 2 years ago
- Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.☆81Updated 3 years ago
- Windows internals and exploitation tricks☆107Updated last month
- CompMgmtLauncher & Sharepoint DLL Search Order hijacking UAC/persist via OneDrive☆108Updated 2 years ago
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…☆29Updated last year
- A payload delivery system which embeds payloads in an executable's icon file!☆74Updated last year
- Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.☆60Updated 3 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆67Updated 2 years ago
- Bypass Malware Time Delays☆108Updated 3 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…☆48Updated 2 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆67Updated 3 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆86Updated last week
- AMSI Bypass for powershell☆29Updated 3 years ago
- Admin2Sys it's a C++ malware to escalate privileges from Administrator account to NT AUTORITY SYSTEM☆62Updated 2 years ago
- ☆33Updated 2 years ago
- C# Utilities for Windows Notification Facility☆160Updated 7 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated 2 years ago
- ☆136Updated 3 years ago
- Unfixed Windows PowerShell Filename Code Execution POC☆41Updated last year
- This repository provides the core to build your own External C2 Server and Connector for Brute Ratel C4☆55Updated 3 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆66Updated 2 years ago
- ☆33Updated 2 years ago
- ☆37Updated 9 months ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆43Updated last year
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆116Updated 3 years ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆86Updated 2 years ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post.☆34Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago