Alternatives and similar repositories for UAC-Bypass

Users that are interested in UAC-Bypass are comparing it to the libraries listed below

• cybersectroll / TrollAMSI

  View on GitHub
  ☆186Jun 14, 2025Updated 8 months ago
• CICADA8-Research / RpcMotion

  View on GitHub
  Execute commands, in/exfiltrate files using your custom RPC Server
  ☆63Jan 13, 2026Updated last month
• 0xEr3bus / RdpStrike

  View on GitHub
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆249Jun 11, 2024Updated last year
• YOLOP0wn / POSTDump

  View on GitHub
  ☆341Nov 10, 2025Updated 3 months ago
• decoder-it / ADCSCoercePotato

  View on GitHub
  ☆242May 5, 2024Updated last year
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆258Jun 29, 2024Updated last year
• hotnops / ECUtilities

  View on GitHub
  Powershell and python utilties for Entra Connect
  ☆27Jun 5, 2025Updated 8 months ago
• eversinc33 / GpuDecryptShellcode

  View on GitHub
  XOR decrypting shellcode using the GPU with OpenCL.
  ☆120May 22, 2025Updated 8 months ago
• michaelweber / CSharpSourceObfuscator

  View on GitHub
  A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.
  ☆99Mar 25, 2025Updated 10 months ago
• rasta-mouse / SCMUACBypass

  View on GitHub
  ☆102Sep 5, 2023Updated 2 years ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆165Sep 22, 2025Updated 4 months ago
• Octoberfest7 / ThreadCPUAssignment_POC

  View on GitHub
  A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
  ☆30Sep 24, 2025Updated 4 months ago
• decoder-it / RelabelAbuse

  View on GitHub
  ☆64May 31, 2024Updated last year
• AlteredSecurity / Disable-TamperProtection

  View on GitHub
  A POC to disable TamperProtection and other Defender / MDE components
  ☆254Jun 6, 2024Updated last year
• MayerDaniel / profiler-lateral-movement

  View on GitHub
  Lateral Movement via the .NET Profiler
  ☆100Nov 21, 2024Updated last year
• T3nb3w / ComDotNetExploit

  View on GitHub
  A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …
  ☆332Mar 6, 2025Updated 11 months ago
• fin3ss3g0d / IoDllProxyLoad

  View on GitHub
  DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
  ☆63Mar 19, 2024Updated last year
• ScriptIdiot / sleepmask_PatchlessHook

  View on GitHub
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆86Mar 19, 2023Updated 2 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆280Sep 18, 2024Updated last year
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆366Apr 19, 2023Updated 2 years ago
• Leo4j / KeyCredentialLink

  View on GitHub
  Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute
  ☆25Jun 5, 2024Updated last year
• blue0x1 / uac-bypass-oneliners

  View on GitHub
  Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio…
  ☆154Jan 7, 2025Updated last year
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆155Jul 23, 2025Updated 6 months ago
• loland / inlineExecute

  View on GitHub
  Cobalt Strike BOF
  ☆42Dec 10, 2025Updated 2 months ago
• YOLOP0wn / yolo-mssqlclient

  View on GitHub
  custom impacket mssqlclient
  ☆26Sep 16, 2023Updated 2 years ago
• naksyn / Embedder

  View on GitHub
  Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
  ☆123May 29, 2024Updated last year
• vxCrypt0r / AMSI_VEH

  View on GitHub
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆167May 30, 2024Updated last year
• coffeegist / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆359Jan 29, 2026Updated 2 weeks ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆151Oct 2, 2023Updated 2 years ago
• ZERODETECTION / MSC_Dropper

  View on GitHub
  ☆248Jul 31, 2024Updated last year
• PShlyundin / TimeSync

  View on GitHub
  Tool to obtain hash using MS-SNTP for user accounts
  ☆28Jan 22, 2025Updated last year
• Mr-Un1k0d3r / Elevate-System-Trusted-BOF

  View on GitHub
  ☆160Mar 27, 2023Updated 2 years ago
• EvanMcBroom / perfect-loader

  View on GitHub
  Load a dynamic library from memory by modifying the native Windows loader
  ☆282Jun 18, 2025Updated 7 months ago
• x42en / sysplant

  View on GitHub
  Your syscall factory
  ☆126Jan 13, 2026Updated last month
• wsummerhill / CSharp-Alt-Shellcode-Callbacks

  View on GitHub
  A collection of (even more) alternative shellcode callback methods in CSharp
  ☆81Oct 26, 2024Updated last year
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆266Apr 8, 2025Updated 10 months ago
• itaymigdal / HubbleHub

  View on GitHub
  Explore and filter your GitHub starred repositories
  ☆25Dec 5, 2023Updated 2 years ago
• BambiZombie / ThreadlessSpawn

  View on GitHub
  A Simple PoC
  ☆22May 24, 2024Updated last year
• Idov31 / Cronos

  View on GitHub
  PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
  ☆620Sep 26, 2023Updated 2 years ago