sailay1996 / UAC_Bypass_In_The_Wild

Related projects ⓘ

Alternatives and complementary repositories for UAC_Bypass_In_The_Wild

• itm4n / UsoDllLoader
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆378Updated 4 years ago
• monoxgas / Koppeling
  Adaptive DLL hijacking / dynamic export forwarding
  ☆726Updated 4 years ago
• FuzzySecurity / Sharp-Suite
  Also known by Microsoft as Knifecoat
  ☆1,114Updated last year
• rasta-mouse / TikiTorch
  Process Injection
  ☆752Updated 3 years ago
• 0x09AL / RdpThief
  Extracting Clear Text Passwords from mstsc.exe using API Hooking.
  ☆1,227Updated 4 months ago
• smgorelik / Windows-RCE-exploits
  The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samp…
  ☆740Updated 11 months ago
• apt69 / COMahawk
  Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322
  ☆350Updated 5 years ago
• 0xeb-bp / bluekeep
  Public work for CVE-2019-0708
  ☆289Updated 5 years ago
• padovah4ck / CVE-2020-0683
  CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege
  ☆339Updated 2 years ago
• med0x2e / GadgetToJScript
  A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …
  ☆876Updated 3 years ago
• sailay1996 / awesome_windows_logical_bugs
  collect for learning cases
  ☆567Updated 5 months ago
• bats3c / Ghost-In-The-Logs
  Evade sysmon and windows event logging
  ☆611Updated 4 years ago
• LloydLabs / wsb-detect
  wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")
  ☆353Updated last year
• Mr-Un1k0d3r / SCShell
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,402Updated last year
• Kevin-Robertson / InveighZero
  .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
  ☆790Updated 2 years ago
• L3cr0f / DccwBypassUAC
  Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
  ☆384Updated 4 years ago
• itm4n / VBA-RunPE
  A VBA implementation of the RunPE technique or how to bypass application whitelisting.
  ☆790Updated 4 years ago
• jxy-s / herpaderping
  Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…
  ☆1,093Updated last year
• 0xbadjuju / Tokenvator
  A tool to elevate privilege with Windows Tokens
  ☆1,023Updated last year
• hasherezade / process_doppelganging
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆580Updated 2 years ago
• danigargu / CVE-2020-0796
  CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
  ☆1,304Updated 3 years ago
• outflanknl / SharpHide
  Tool to create hidden registry keys.
  ☆466Updated 5 years ago
• hlldz / dazzleUP
  A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating sys…
  ☆489Updated 4 years ago
• ewhitehats / InvisiblePersistence
  Persisting in the Windows registry "invisibly"
  ☆339Updated 6 years ago
• Mr-Un1k0d3r / RedTeamCSharpScripts
  C# Script used for Red Team
  ☆716Updated 3 years ago
• outflanknl / Dumpert
  LSASS memory dumper using direct system calls and API unhooking.
  ☆1,491Updated 3 years ago
• RedCursorSecurityConsulting / PPLKiller
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆899Updated last year
• jamf / CVE-2020-0796-RCE-POC
  CVE-2020-0796 Remote Code Execution POC
  ☆538Updated 4 years ago