voidvxvt / EnableAllTokenPrivsLinks
Enable or Disable TokenPrivilege(s)
☆14Updated last year
Alternatives and similar repositories for EnableAllTokenPrivs
Users that are interested in EnableAllTokenPrivs are comparing it to the libraries listed below
Sorting:
- BOF for C2 framework☆43Updated 10 months ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆34Updated last month
- rust port of pspy with support for process monitoring over dbus☆35Updated 3 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆30Updated 7 months ago
- in-process powershell runner for BRC4☆47Updated last year
- Permanently disable EDRs as local admin☆102Updated 2 months ago
- Proxy function calls through the thread pool with ease☆29Updated 6 months ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆47Updated 2 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆68Updated last month
- Unix Process hollowing in rust☆22Updated 9 months ago
- Impersonate Tokens using only NTAPI functions☆80Updated 5 months ago
- A python script that automates a C2 Profile build☆47Updated 2 weeks ago
- use python on windows with full submodule support without installation☆31Updated 8 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆35Updated 3 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆37Updated 5 months ago
- ☆58Updated 11 months ago
- Cortex EDR Ransomware protection Bypass☆25Updated 7 months ago
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆55Updated 5 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆59Updated 9 months ago
- ☆39Updated 7 months ago
- ☆25Updated last month
- ☆26Updated 7 months ago
- Sniffing files generator☆59Updated 7 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- ☆26Updated 6 months ago
- bring your own clean ntdll (or other MS dlls)☆27Updated 2 months ago
- Internal Monologue BOF☆29Updated 8 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆51Updated 4 months ago