x0xr00t / Automated-MUlti-UAC-BypassView external linksLinks
Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022
☆454Nov 5, 2024Updated last year
Alternatives and similar repositories for Automated-MUlti-UAC-Bypass
Users that are interested in Automated-MUlti-UAC-Bypass are comparing it to the libraries listed below
Sorting:
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets☆508Aug 10, 2023Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆502Dec 19, 2023Updated 2 years ago
- Real fucking shellcode encryptor & obfuscator tool☆1,010Jan 7, 2026Updated last month
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆612Jan 2, 2025Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,199Oct 16, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆536May 9, 2025Updated 9 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph API☆621Jun 25, 2024Updated last year
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆565Jun 5, 2023Updated 2 years ago
- kill anti-malware protected processes ( BYOVD )☆970Jul 21, 2023Updated 2 years ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆510May 19, 2025Updated 8 months ago
- CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as A…☆300Feb 2, 2026Updated 2 weeks ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆182Feb 2, 2026Updated 2 weeks ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆432Dec 21, 2023Updated 2 years ago
- HVNC for Cobalt Strike☆1,297Dec 7, 2023Updated 2 years ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆813Mar 28, 2025Updated 10 months ago
- Amsi Bypass payload that works on Windwos 11☆377Jul 30, 2023Updated 2 years ago
- Threadless Process Injection using remote function hooking.☆809Sep 4, 2024Updated last year
- Fileless atexec, no more need for port 445☆404Mar 28, 2024Updated last year
- MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.☆537Nov 14, 2025Updated 3 months ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆350Aug 29, 2024Updated last year
- Lateral Movement☆125Nov 14, 2023Updated 2 years ago
- UAC bypass by abusing RPC and debug objects.☆627Oct 19, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,004Jun 4, 2024Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆603Feb 21, 2024Updated last year
- UAC bypass for x64 Windows 7 - 11☆831Feb 2, 2026Updated 2 weeks ago
- ☆1,117Jan 6, 2026Updated last month
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,495Dec 21, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆772Jan 26, 2026Updated 3 weeks ago
- Loading Remote AES Encrypted PE in memory , Decrypted it and run it☆1,021Aug 29, 2023Updated 2 years ago
- CPP AV/EDR Killer☆475Nov 28, 2023Updated 2 years ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆288May 27, 2024Updated last year
- An interactive shell to spoof some LOLBins command line☆188Jan 27, 2024Updated 2 years ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆425Feb 11, 2024Updated 2 years ago
- Evasive shellcode loader☆398Oct 17, 2024Updated last year
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 2 years ago
- ☆222Mar 10, 2024Updated last year
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.☆1,192Apr 16, 2025Updated 10 months ago