Alternatives and similar repositories for LonelyALPC-BypassUAC

Users that are interested in LonelyALPC-BypassUAC are comparing it to the libraries listed below

• leoloobeek / COMRunner
  A simple COM server which provides a component to run shellcode
  ☆140Updated 5 years ago
• N4kedTurtle / HellsGatePoC
  ☆50Updated 5 years ago
• bats3c / DefensiveInjector
  Shellcode injector using direct syscalls
  ☆123Updated 5 years ago
• itm4n / CDPSvcDllHijacking
  Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM
  ☆114Updated 5 years ago
• JohnWoodman / stealthInjector
  Injects shellcode into remote processes using direct syscalls
  ☆79Updated 4 years ago
• rxwx / cs-rdll-ipc-example
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆119Updated 5 years ago
• mdsecactivebreach / Browser-ExternalC2
  External C2 Using IE COM Objects
  ☆101Updated 6 years ago
• oxfemale / LogonCredentialsSteal
  LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.
  ☆120Updated 5 years ago
• tomcarver16 / AmsiHook
  AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.
  ☆65Updated 5 years ago
• boku7 / HellsGatePPID
  Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process
  ☆104Updated 2 years ago
• ewilded / PPID_spoof
  An example of how to spawn a process with a spoofed parent PID (Visual C++)
  ☆29Updated 6 years ago
• r3nhat / XORedReflectiveDLL
  Reflective DLL Injection with obfuscated (XOR) shellcode
  ☆73Updated 4 years ago
• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆77Updated 5 years ago
• plackyhacker / Unhook-BitDefender
  Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique.
  ☆56Updated 2 years ago
• mez-0 / MoveScheduler
  .NET 4.0 Scheduled Job Lateral Movement
  ☆90Updated 5 years ago
• 0xB455 / AmsiBypass
  C# PoC implementation for bypassing AMSI via in memory patching
  ☆65Updated 5 years ago
• S3cur3Th1sSh1t / SyscallAmsiScanBufferBypass
  AmsiScanBufferBypass using D/Invoke
  ☆136Updated 4 years ago
• RythmStick / CVE-2019-1064
  CVE-2019-1064 Local Privilege Escalation Vulnerability
  ☆24Updated 6 years ago
• boku7 / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆88Updated 2 years ago
• DamonMohammadbagher / Videos-BypassingAVsByCSharp
  Video files for eBook: "Bypassing AVs by C#.NET Programming"
  ☆41Updated 2 years ago
• rvrsh3ll / PELoader
  Load PE via XML Attribute
  ☆32Updated 5 years ago
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆42Updated 4 years ago
• pwn1sher / uuid-loader
  UUID based Shellcode loader for your favorite C2
  ☆86Updated 3 years ago
• mdsecactivebreach / firewalker
  ☆153Updated 5 years ago
• slyd0g / SK8RAT
  C++ implant that interfaces with a SK8PARK server
  ☆49Updated 4 years ago
• limbenjamin / ReverseShellDll
  C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked
  ☆90Updated 5 years ago
• RedSection / printjacker
  Hijack Printconfig.dll to execute shellcode
  ☆99Updated 4 years ago
• badBounty / directInjectorPOC
  Small POC written in C# that performs shellcode injection on x64 processes using direct syscalls as a way to bypass user-land EDR hooks.
  ☆84Updated 5 years ago
• djhohnstein / CSharpSetThreadContext
  C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
  ☆119Updated 6 years ago
• outflanknl / TamperETW
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆190Updated 5 years ago