Alternatives and similar repositories for UAC-bypass

Users that are interested in UAC-bypass are comparing it to the libraries listed below

• rasta-mouse / TikiTorch
  Process Injection
  ☆762Updated 3 years ago
• padovah4ck / PSByPassCLM
  Bypass for PowerShell Constrained Language Mode
  ☆392Updated 3 years ago
• wietze / windows-dll-hijacking
  Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.
  ☆468Updated last year
• CBHue / PyFuscation
  Obfuscate powershell scripts by replacing Function names, Variables and Parameters.
  ☆518Updated 2 years ago
• itm4n / UsoDllLoader
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆389Updated 5 years ago
• Plazmaz / LNKUp
  Generates malicious LNK file payloads for data exfiltration
  ☆399Updated 7 years ago
• med0x2e / GadgetToJScript
  A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from …
  ☆972Updated 3 years ago
• S1ckB0y1337 / TokenPlayer
  Manipulating and Abusing Windows Access Tokens.
  ☆277Updated 4 years ago
• mandiant / DueDLLigence
  ☆472Updated 2 years ago
• b4rtik / metasploit-execute-assembly
  Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
  ☆345Updated 4 years ago
• slyd0g / PrimaryTokenTheft
  Steal a primary token and spawn cmd.exe using the stolen token
  ☆257Updated 4 years ago
• aaaddress1 / Skrull
  Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…
  ☆457Updated 3 years ago
• outflanknl / SharpHide
  Tool to create hidden registry keys.
  ☆480Updated 5 years ago
• L3cr0f / DccwBypassUAC
  Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".
  ☆391Updated 5 years ago
• hatRiot / token-priv
  Token Privilege Research
  ☆827Updated 7 years ago
• klezVirus / chameleon
  PowerShell Script Obfuscator
  ☆548Updated last year
• decoder-it / psgetsystem
  getsystem via parent process using ps1 & embeded c#
  ☆417Updated last year
• itm4n / VBA-RunPE
  A VBA implementation of the RunPE technique or how to bypass application whitelisting.
  ☆807Updated 5 years ago
• threatexpress / metatwin
  The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…
  ☆346Updated 6 months ago
• DamonMohammadbagher / eBook-BypassingAVsByCSharp
  eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
  ☆467Updated last year
• bluscreenofjeff / AggressorScripts
  Aggressor scripts for use with Cobalt Strike 3.0+
  ☆851Updated 2 years ago
• rasta-mouse / AmsiScanBufferBypass
  Bypass AMSI by patching AmsiScanBuffer
  ☆266Updated 4 years ago
• xforcered / InvisibilityCloak
  Proof-of-concept obfuscation toolkit for C# post-exploitation tools
  ☆424Updated 2 years ago
• bitsadmin / nopowershell
  PowerShell rebuilt in C# for Red Teaming purposes
  ☆985Updated last month
• rvrsh3ll / BOF_Collection
  Various Cobalt Strike BOFs
  ☆650Updated 2 years ago
• djhohnstein / SharpWeb
  .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
  ☆528Updated 6 years ago
• tandasat / ExploitCapcom
  This is a standalone exploit for a vulnerable feature in Capcom.sys
  ☆304Updated 2 years ago
• mgeeky / Stracciatella
  OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…
  ☆526Updated 2 years ago
• Cybereason / siofra
  ☆488Updated 7 years ago
• EmpireProject / PSInject
  Inject PowerShell into any process
  ☆232Updated 6 years ago