impersonate trustedinstaller by fiddling with tokens
☆17Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for GetTrustedInstallerShell
Users that are interested in GetTrustedInstallerShell are comparing it to the libraries listed below
Sorting:
- ☆14Sep 2, 2021Updated 4 years ago
- Iterate over Windows Handles☆15Nov 18, 2025Updated 3 months ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- This project used to learn golang and try to bypass AV☆21Sep 20, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago
- Add an empty section to a PE file☆53Aug 8, 2017Updated 8 years ago
- 优化了GetSystemEarlyBird的代码结构☆21Jun 24, 2020Updated 5 years ago
- POC for CVE-2023-29360☆12Aug 31, 2024Updated last year
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 5 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- DLL Unhooking☆13Mar 26, 2021Updated 4 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is u…☆11Aug 21, 2018Updated 7 years ago
- Scan for evidence of CVE-2021-30860 (FORCEDENTRY) exploit☆11Sep 21, 2021Updated 4 years ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- A Generic WOW64 Process Blocker☆14Jul 16, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- 利用chrome扩展 dump 浏览器cookie https://saucer-man.com/information_security/787.html☆15Sep 9, 2021Updated 4 years ago
- LdrLoadDll Unhooking☆135Jan 16, 2022Updated 4 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- go实现的各种字符串匹配算法☆18Jun 21, 2017Updated 8 years ago
- 杂 物 收 纳☆15Aug 4, 2023Updated 2 years ago
- BoltWire v6.03 vulnerable to "Improper Access Control"☆13Oct 31, 2023Updated 2 years ago
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 3 years ago
- ☆14Dec 22, 2020Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆312Jul 8, 2022Updated 3 years ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- Dirfuzz by golang☆15Feb 28, 2023Updated 2 years ago
- my exp for CVE-2020-27194, tested on linux kernel 5.8.14.☆15Feb 3, 2021Updated 5 years ago
- ShootCutMe an .LNK file creator tool for redteamer☆15Oct 2, 2024Updated last year