w4fz5uck5 / LonelyALPC-BypassUAC
Lonely x64 binary to Bypass Win10 UAC utilizing ALPC method with [command line]
☆32 · Jun 30, 2023 · Updated 2 years ago
Alternatives and similar repositories for LonelyALPC-BypassUAC
Users that are interested in LonelyALPC-BypassUAC are comparing it to the libraries listed below
- Some eternal WIP stuff :) ☆20 · Nov 18, 2025 · Updated 2 months ago
- A repository filled with ideas to break/detect direct syscall techniques ☆27 · Apr 21, 2022 · Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆25 · Mar 26, 2020 · Updated 5 years ago
- automated sticky keys backdoor ☆10 · Feb 12, 2016 · Updated 10 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development ☆12 · Apr 14, 2024 · Updated last year
- Use powershell to getsystem with token duplication ☆10 · Dec 6, 2019 · Updated 6 years ago
- Walks through the 4-level paging structures in Windows x64 ☆13 · Feb 12, 2023 · Updated 3 years ago
- Extended library for using direct system calls on windows ☆17 · Feb 6, 2022 · Updated 4 years ago
- POC about how to prevent windbg break ☆15 · Oct 3, 2022 · Updated 3 years ago
- Disable PPL via custom driver and dump lsass ☆15 · Mar 13, 2021 · Updated 4 years ago
- ☆17 · Apr 18, 2023 · Updated 2 years ago
- ☆16 · Mar 26, 2023 · Updated 2 years ago
- Interprocess communication library, providing the ability to call functions from each other ☆20 · Oct 3, 2019 · Updated 6 years ago
- We will create multi-remote with rdp-wrap for windows 10 ☆15 · Jul 14, 2020 · Updated 5 years ago
- Persistence techniques for windows. ☆19 · Jun 26, 2023 · Updated 2 years ago
- Shellcode injector using direct syscalls ☆123 · Aug 17, 2020 · Updated 5 years ago
- Using NtCreateFile and NtDeviceIoControlFile to realize the function of winsock ☆127 · Sep 9, 2022 · Updated 3 years ago
- Scanner for common unauthorized-access issues (modified) (redis, mongodb, memcached, elasticsearch, zookeeper, ftp, CouchDB, docker, Hadoop) ☆15 · Aug 4, 2020 · Updated 5 years ago
- Everything related to Cobalt Strike ☆15 · Feb 3, 2020 · Updated 6 years ago
- Demo to show how to write ALPC Client & Server using native Ntdll.dll syscalls. ☆21 · Jan 25, 2022 · Updated 4 years ago
- Miscellaneous PowerShell scripts for red team activities ☆16 · Jan 15, 2026 · Updated last month
- A C++ PoC implementation for enumerating Windows Fibers directly from memory ☆21 · May 11, 2024 · Updated last year
- A kernel mode Windows rootkit in development. ☆49 · Dec 31, 2021 · Updated 4 years ago
- Create and enumerate hidden desktops. ☆89 · Dec 12, 2023 · Updated 2 years ago
- ☆22 · Jan 7, 2021 · Updated 5 years ago
- Modify managed functions from unmanaged code ☆53 · Feb 1, 2024 · Updated 2 years ago
- This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits ☆24 · Oct 20, 2025 · Updated 3 months ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits critical memory sections in order to hide different resources… ☆18 · Jul 5, 2023 · Updated 2 years ago
- ☆21 · Dec 4, 2019 · Updated 6 years ago
- Repo that holds random POCs ☆52 · Jan 8, 2024 · Updated 2 years ago
- Disabling Windows Defender & downloading payload ☆21 · Jul 28, 2020 · Updated 5 years ago
- simple driver to read and write ☆18 · Apr 13, 2025 · Updated 10 months ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data ☆28 · Apr 27, 2024 · Updated last year
- Windows Console Monitor ☆34 · Jun 11, 2019 · Updated 6 years ago
- Intranet tunneling tool implemented via webshell ☆49 · Nov 19, 2019 · Updated 6 years ago
- Example code for EDR bypassing ☆151 · Mar 7, 2019 · Updated 6 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 · May 21, 2023 · Updated 2 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using its dynamic trace feature weakness ☆53 · Sep 12, 2019 · Updated 6 years ago
- Repository of vulnerabilities disclosed by ESET ☆29 · Jul 13, 2022 · Updated 3 years ago