TrustedPath-UACBypass-BOF
UAC Bypass Tool
Tools and techniques to bypass Windows UAC restrictions on executable files by utilizing DCOM objects
Cobalt Strike beacon object file implementation of the trusted path UAC bypass. The target executable is called through a DCOM object, without involving "cmd.exe".
117 stars
5 watching
38 forks
Language: C
last commit: over 3 years ago

Related projects:

Repository | Description | Stars |
---|---|---|
octoberfest7/eventvieweruac_bof | A tool that bypasses UAC restrictions on Windows by deserializing and executing malicious code in Event Viewer. | 128 |
encodegroup/uac-silentclean | A technique to bypass Windows UAC security restrictions using a DLL planting method for executing malicious code in high integrity processes. | 189 |
riccardoancarani/bofs | Utilities for Cobalt Strike's Beacon Object Files to simplify working with shellcode and system processes | 111 |
airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 246 |
boku7/injectetwbypass | Tool to bypass the ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall | 277 |
cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 138 |
boku7/injectamsibypass | A tool that bypasses AMSI in a remote process with code injection. | 377 |
cobalt-strike/unhook-bof | Removes API hooks from a malicious process | 54 |
zu1k/beacon_hook_bypass_memscan | Bypassing memory scanning to evade detection by the Karbenz CASB (Content Awareness Security Platform) security solution | 24 |
dimopouloselias/alpc-mmc-uac-bypass | Exploits ALPC and mmc to bypass Windows UAC for administrative privileges. | 155 |
0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 69 |
ccob/bof.net | A .NET runtime framework for developing and executing malicious C code in a managed environment. | 678 |
bohops/ultimatewdacbypasslist | A centralized resource for bypassing Windows Device Guard Application Whitelisting (WDAC) policies. | 482 |
mlcsec/asrenum-bof | Tools to detect and exploit vulnerabilities in Windows Attack Surface Reduction (ASR) settings | 138 |
northwavesecurity/kernel-mii | Exploits a kernel vulnerability to gain SYSTEM privileges on Windows. | 29 |