TrustedPath-UACBypass-BOF

UAC Bypass Tool

Tools and techniques to bypass Windows UAC restrictions on executable files by utilizing DCOM objects

Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.exe" by using DCOM object.

GitHub

119 stars
5 watching
38 forks
Language: C
last commit: over 3 years ago

Related projects:

Repository Description Stars
octoberfest7/eventvieweruac_bof A tool that bypasses UAC restrictions on Windows by deserializing and executing malicious code in Event Viewer. 129
encodegroup/uac-silentclean A technique to bypass Windows UAC security restrictions using a DLL planting method for executing malicious code in high integrity processes. 190
riccardoancarani/bofs Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes 112
airbus-cert/invoke-bof Loads and executes a malicious payload in a Windows system using PowerShell. 245
boku7/injectetwbypass Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall 276
cobalt-strike/bof-vs A Beacon Object File Visual Studio template project for creating malicious code executables 145
boku7/injectamsibypass A tool that bypasses AMSI in a remote process with code injection. 377
cobalt-strike/unhook-bof Removes API hooks from a malicious process 54
zu1k/beacon_hook_bypass_memscan Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution 24
dimopouloselias/alpc-mmc-uac-bypass Exploits ALPC and mmc to bypass Windows UAC for administrative privileges. 155
0x3rhy/adduser-bof A Cobalt Strike BOF that exploits a vulnerability to add an admin user 70
ccob/bof.net A .NET runtime framework for developing and executing malicious C code in a managed environment. 682
bohops/ultimatewdacbypasslist A centralized resource for bypassing Windows Device Guard Application Whitelisting (WDAC) policies. 489
mlcsec/asrenum-bof Tools to detect and exploit vulnerabilities in Windows Attack Surface Reduction (ASR) settings 142
northwavesecurity/kernel-mii Exploits a kernel vulnerability to gain SYSTEM privileges on Windows. 29