Alternatives and similar repositories for Win-LocalPriv-Escalation-polarbear

Users that are interested in Win-LocalPriv-Escalation-polarbear are comparing it to the libraries listed below

• 0xyg3n / mem64
  Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
  ☆28Updated 8 years ago
• EgeBalci / SelfDefense
  Several self-defense shellcodes
  ☆23Updated 6 years ago
• sailay1996 / FileWrite2system
  File Write Weapon for Privilege Escalation To get SYSTEM
  ☆18Updated 5 years ago
• S3cur3Th1sSh1t / SharpPolarBear
  Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069
  ☆37Updated 6 years ago
• 1captainnemo1 / Reverseshellcpp
  A FUD Backdoor Reverse Shell coded in CPP for any Windows distribution, that will fire a decoy app in the foreground while connecting bac…
  ☆20Updated 6 years ago
• apt69 / RibeyeSpecial
  medium-rare
  ☆28Updated 5 years ago
• rastating / slae
  The source code of the SLAE assignments documented at https://rastating.github.io/
  ☆24Updated 7 years ago
• padovah4ck / RedSharp
  Penetration Test / Read Team - C# tools repository
  ☆57Updated 3 years ago
• Souhardya / Catharsis
  Raw syscall implementations with Powershell
  ☆30Updated 6 years ago
• mortychannel / lnkexploit
  ☆43Updated 6 years ago
• mantvydasb / c-playground
  C & Shellcode Playground..
  ☆11Updated 7 years ago
• vletoux / Bluekeep-scanner
  BlueKeep powershell scanner (based on c# code)
  ☆39Updated 5 years ago
• eik00d / Reverse_DNS_Shellcode
  Revrese DNS payload for Metasploit: Download Exec x86 shellcode. Also DNS Handler and VBS bot (alsow working over DNS) as PoC included.
  ☆41Updated 8 years ago
• two06 / AMSI_Handler
  Automate AV evasion by calling AMSI
  ☆86Updated 2 years ago
• hvqzao / foolavc
  foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
  ☆113Updated 4 years ago
• DamonMohammadbagher / NativePayload_HTTP
  Data Exfiltration via HTTP Traffic (C# and Shell Script)
  ☆18Updated 2 years ago
• 0x00-0x00 / NamedPipes
  Bind shell that uses Named Pipes as transport and execute PowerShell code through Runspaces.
  ☆16Updated 6 years ago
• hoangprod / COMHijacker
  Persistent through COM Hijacking
  ☆22Updated 6 years ago
• 0xbadjuju / TellMeYourSecrets
  A C# DLL to Dump LSA Secrets
  ☆58Updated 7 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 7 years ago
• sailay1996 / SECOMN_EoP
  Sound Research SECOMN service Privilege Escalation (windows 10)
  ☆39Updated 5 years ago
• S3cur3Th1sSh1t / SharpByeBear
  AppXSVC Service race condition - privilege escalation
  ☆29Updated 6 years ago
• bytecode77 / sysprep-privilege-escalation
  Sysprep Volatile Environment LPE (2017)
  ☆15Updated 3 months ago
• ashr / netrefject
  Inject .Net payloads into other .Net assemblies on disk
  ☆61Updated 5 years ago
• trustedsec / inProc_Evade_Get-InjectedThread
  PoC code from blog
  ☆16Updated 5 years ago
• djhohnstein / SharpEdge
  C# Implementation of Get-VaultCredential
  ☆14Updated 7 years ago
• secgroundzero / SharpAttack
  C# Situational Awareness Script
  ☆34Updated 6 years ago
• carnal0wnage / PoshRat
  PowerShell Reverse HTTPs Shell
  ☆28Updated 10 years ago
• BorjaMerino / reflectPatcher
  Python script to patch the reflective stub in a DLL
  ☆24Updated 8 years ago
• maaaaz / mimicertz
  A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates
  ☆24Updated 7 years ago