impersonate trustedinstaller by fiddling with tokens
☆17Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for GetTrustedInstallerShell
Users that are interested in GetTrustedInstallerShell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆14Sep 2, 2021Updated 4 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- Iterate over Windows Handles☆16Nov 18, 2025Updated 5 months ago
- Rust Weaponization for Red Team Engagements.☆16Oct 9, 2021Updated 4 years ago
- This project used to learn golang and try to bypass AV☆21Sep 20, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Add an empty section to a PE file☆53Aug 8, 2017Updated 8 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- POC for CVE-2023-29360☆12Aug 31, 2024Updated last year
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 6 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- DLL Unhooking☆12Mar 26, 2021Updated 5 years ago
- LdrLoadDll Unhooking☆134Jan 16, 2022Updated 4 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- 利用chrome扩展 dump 浏览器cookie https://saucer-man.com/information_security/787.html☆15Sep 9, 2021Updated 4 years ago
- 优化了GetSystemEarlyBird的代码结构☆21Jun 24, 2020Updated 5 years ago
- Dirfuzz by golang☆15Feb 28, 2023Updated 3 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆314Jul 8, 2022Updated 3 years ago
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- CVE-2021-36798: CobaltStrike < 4.4 Dos☆104Sep 26, 2021Updated 4 years ago
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Golang implementation of Reflective load PE from memory☆63Jan 10, 2022Updated 4 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 3 years ago
- A Generic WOW64 Process Blocker☆14Jul 16, 2021Updated 4 years ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- use aswArPot.sys to kill process☆69Aug 26, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- command execute without 445 port☆59Feb 25, 2022Updated 4 years ago
- windows API to hide console window by golang☆35Dec 20, 2021Updated 4 years ago
- ☆47May 8, 2021Updated 4 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 4 years ago