termanix / TokenElevation
Token Elevation to authorized user as SYSTEM or Domain Admins
☆22Updated last year
Related projects: ⓘ
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- ☆57Updated 9 months ago
- Small project to facilitate creation of .lnk payloads☆60Updated last year
- malleable profile generator GUI for Havoc☆53Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆79Updated last year
- Red Team Operation's Defense Evasion Technique.☆50Updated 3 months ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆77Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- ☆60Updated this week
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- Do some DLL SideLoading magic☆72Updated 11 months ago
- Python module for running BOFs☆63Updated last year
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆29Updated last year
- ☆70Updated last year
- A pure C version of SymProcAddress☆23Updated 6 months ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆38Updated 2 months ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆50Updated last year
- Reasonably undetected shellcode stager and executer.☆34Updated last week
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆70Updated last year
- Utilities for obfuscating shellcode☆38Updated 2 months ago
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆55Updated 5 months ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- ☆47Updated last year
- ☆23Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago
- Rewrite to fit my needs☆25Updated last month
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆32Updated 8 months ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago