impersonate trustedinstaller by fiddling with tokens
☆17Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for GetTrustedInstallerShell
Users that are interested in GetTrustedInstallerShell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- ☆14Sep 2, 2021Updated 4 years ago
- Iterate over Windows Handles☆15Nov 18, 2025Updated 4 months ago
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- This project used to learn golang and try to bypass AV☆21Sep 20, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Add an empty section to a PE file☆53Aug 8, 2017Updated 8 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- POC for CVE-2023-29360☆12Aug 31, 2024Updated last year
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- DLL Unhooking☆12Mar 26, 2021Updated 5 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- LdrLoadDll Unhooking☆134Jan 16, 2022Updated 4 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- 利用chrome扩展 dump 浏览器cookie https://saucer-man.com/information_security/787.html☆15Sep 9, 2021Updated 4 years ago
- 优化了GetSystemEarlyBird的代码结构☆21Jun 24, 2020Updated 5 years ago
- Dirfuzz by golang☆15Feb 28, 2023Updated 3 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking.☆313Jul 8, 2022Updated 3 years ago
- echoes(回响)是一款Github,红队监测工具☆14Mar 31, 2022Updated 4 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- CVE-2021-36798: CobaltStrike < 4.4 Dos☆104Sep 26, 2021Updated 4 years ago
- query specific user and login IP from remote machine☆18Nov 19, 2022Updated 3 years ago
- ☆51Aug 28, 2021Updated 4 years ago
- Golang implementation of Reflective load PE from memory☆63Jan 10, 2022Updated 4 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- A Generic WOW64 Process Blocker☆14Jul 16, 2021Updated 4 years ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- use aswArPot.sys to kill process☆69Aug 26, 2022Updated 3 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- command execute without 445 port☆57Feb 25, 2022Updated 4 years ago
- windows API to hide console window by golang☆35Dec 20, 2021Updated 4 years ago
- ☆47May 8, 2021Updated 4 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 4 years ago
- Go实��现部分Rubeus功能,可执行asktgt, asktgs, s4u, describe ticket, renew ticket, asreproast等☆142May 5, 2022Updated 3 years ago