ByeIntegrity-UAC – Bypass UAC By Hijacking A DLL Located In The Native Image Cache

Bypass User Account Control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. Requirements: Administrator account; UAC notification level set to default or lower. How it works: ByeIntegrity hijacks a DLL located in the Native Image Cache (NIC). The NIC is used by the .NET Framework to store optimized…

Pystinger – Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger implements a SOCKS4 proxy and port mapping through a webshell. It can be used directly with metasploit-framework, viper and cobalt strike to bring sessions online. Pystinger is developed in Python and currently supports three proxy scripts: php, jsp(x) and aspx. Usage: Suppose the domain name of the server is :8080 The intranet IP address of the server intranet…

Evasor – A Tool To Be Used In Post Exploitation Phase For Blue And Red Teams To Bypass Application Control Policies

Evasor is an automated security assessment tool that locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is easy to use, quick and fully automated, and it generates a report including description, screenshots and mitigation suggestions, suited for both blue…

Defeat-Defender – Powerful Batch Script To Dismantle Complete Windows Defender Protection And Even Bypass Tamper Protection

Powerful batch file to disable Windows Defender, Firewall and SmartScreen and execute the payload. Usage: Edit Defeat-Defender.bat on this line and replace the direct URL of your payload. Run the script “run.vbs”. It will ask for admin permission. If permission is granted, the script will work silently without console windows… After it gets admin permission it will…

Gotestwaf – Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls (WAF) for detection logic and bypasses. How it works: It is a 3-step request generation process that multiplies the number of payloads by the encoders and placeholders. Let’s say you defined 2 payloads, 3 encoders (Base64, JSON, and URLencode) and 1 placeholder (HTTP GET variable). In this…

ScareCrow – Payload Creation Framework Designed Around EDR Bypass

[*] If you want to learn more about the techniques utilized in this framework, please take a look at Part 1 and Part 2. Description: ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). Once the DLL loader…

Chimera – A (Shiny And Very Hack-Ish) PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1’s known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures. Chimera was created for this write-up and is further evidence of how trivial it is to bypass…

Byp4Xx – Simple Bash Script To Bypass "403 Forbidden" Messages With Well-Known Methods Discussed In #Bugbountytips

A bash script to bypass “403 Forbidden” responses with well-known methods discussed in…

403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory

A Burp Suite extension to bypass 403 restricted directories. By using PassiveScan (enabled by default), each 403 request will be automatically scanned by this extension, so just add it to Burp Suite and enjoy. Payloads ($1: HOSTNAME, $2: PATH):
$1/$2
$1/%2e/$2
$1/$2/.
$1//$2//
$1/./$2/./
$1/$2anything -H “X-Original-URL: /$2”
$1/$2 -H “X-Custom-IP-Authorization:”
$1 -H “X-Rewrite-URL: /$2”
$1/$2 -H “Referer: /$2”
$1/$2 -H “X-Originating-IP:”
$1/$2 -H “X-Forwarded-For:…