Alternatives and similar repositories for UAC-bypass

Users that are interested in UAC-bypass are comparing it to the libraries listed below

• Plazmaz / LNKUp
  Generates malicious LNK file payloads for data exfiltration
  ☆409Updated 7 years ago
• paranoidninja / 0xdarkvortex-MalwareDevelopment
  This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-d…
  ☆194Updated 4 years ago
• threatexpress / metatwin
  The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…
  ☆352Updated 7 months ago
• padovah4ck / PSByPassCLM
  Bypass for PowerShell Constrained Language Mode
  ☆395Updated 3 years ago
• decoder-it / psgetsystem
  getsystem via parent process using ps1 & embeded c#
  ☆423Updated last year
• b4rtik / metasploit-execute-assembly
  Custom Metasploit post module to executing a .NET Assembly from Meterpreter session
  ☆346Updated 4 years ago
• Cybereason / siofra
  ☆489Updated 7 years ago
• it-gorillaz / lnk2pwn
  Malicious Shortcut(.lnk) Generator
  ☆198Updated 6 years ago
• FSecureLABS / Ninjasploit
  A meterpreter extension for applying hooks to avoid windows defender memory scans
  ☆246Updated 4 years ago
• mandiant / DueDLLigence
  ☆474Updated 2 years ago
• Flangvik / AMSI.fail
  C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
  ☆412Updated 10 months ago
• outflanknl / NetshHelperBeacon
  Example DLL to load from Windows NetShell
  ☆180Updated 8 years ago
• outflanknl / SharpHide
  Tool to create hidden registry keys.
  ☆486Updated 5 years ago
• samratashok / RACE
  RACE is a PowerShell module for executing ACL attacks against Windows targets.
  ☆230Updated 2 years ago
• rasta-mouse / TikiTorch
  Process Injection
  ☆762Updated 3 years ago
• DamonMohammadbagher / eBook-BypassingAVsByCSharp
  eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
  ☆467Updated 2 years ago
• ionescu007 / faxhell
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆331Updated 5 years ago
• S3cur3Th1sSh1t / Invoke-SharpLoader
  ☆362Updated 4 years ago
• itm4n / UsoDllLoader
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆391Updated 5 years ago
• CBHue / PyFuscation
  Obfuscate powershell scripts by replacing Function names, Variables and Parameters.
  ☆519Updated 2 years ago
• djhohnstein / SharpWeb
  .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
  ☆533Updated 6 years ago
• p3nt4 / Nuages
  A modular C2 framework
  ☆482Updated 3 months ago
• TsukiCTF / Lovely-Potato
  Automating juicy potato local privilege escalation exploit for penetration testers
  ☆144Updated 3 years ago
• PwnDexter / Invoke-EDRChecker
  Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories,…
  ☆264Updated last year
• mandiant / OfficePurge
  ☆260Updated 2 years ago
• nccgroup / acCOMplice
  Tools for discovery and abuse of COM hijacks
  ☆322Updated 5 years ago
• mgeeky / Stracciatella
  OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at s…
  ☆527Updated 2 years ago
• turbo / zero2hero
  C implementation of the file-less UAC exploit
  ☆74Updated 8 years ago
• slyd0g / PrimaryTokenTheft
  Steal a primary token and spawn cmd.exe using the stolen token
  ☆258Updated 4 years ago
• S1ckB0y1337 / TokenPlayer
  Manipulating and Abusing Windows Access Tokens.
  ☆279Updated 4 years ago