xct / SeDebugAbuseLinks
Get SYSTEM via SeDebugPrivilege
☆20Updated 3 years ago
Alternatives and similar repositories for SeDebugAbuse
Users that are interested in SeDebugAbuse are comparing it to the libraries listed below
Sorting:
- ☆50Updated 2 years ago
- Automating payload generation for OSEP labs and exam.☆34Updated 2 years ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆15Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Secretsdump C# version only supporting local (live) operation☆49Updated last month
- A simple C++ Windows tool to get information about processes exposing named pipes.☆36Updated 3 months ago
- Simple C++ PoC of SeDebugPrivilege Privesc☆23Updated last year
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆103Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆68Updated last month
- ☆88Updated 2 years ago
- Arbitrary File Delete in Windows Installer before 10.0.19045.2193☆30Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆95Updated 2 years ago
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆30Updated last week
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated 2 years ago
- ☆29Updated 2 years ago
- Create Anti-Copy DRM Malware☆57Updated 9 months ago
- C# havoc implant☆99Updated 2 years ago
- SAM Dumping in C#☆48Updated 4 months ago
- ☆70Updated 2 years ago
- An old Windows workstations LPE for domain environments without LDAP signing/channel binding.☆34Updated 2 years ago
- A repository with my code snippets for research/education purposes.☆50Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆82Updated 7 months ago
- in-process powershell runner for BRC4☆45Updated last year
- ☆36Updated last year
- ☆55Updated 3 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆95Updated last year
- ☆56Updated 6 months ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆58Updated 5 years ago
- Bypass Constrained Language Mode in PowerShell☆29Updated 6 years ago