api0cradle / Ultimateapplockerbypasslist
The goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186
Programming Languages
powershell
5483 projects
Projects that are alternatives of or similar to Ultimateapplockerbypasslist
Gtfobins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+408.43%)
Mutual labels: redteam, bypass, blueteam
gtfo
Search for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-92.58%)
Mutual labels: bypass, blueteam, redteam
Lolbas
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+221.25%)
Mutual labels: redteam, blueteam
Gray hat csharp code
This repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-74.62%)
Mutual labels: redteam, blueteam
Hacker ezines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-93.93%)
Mutual labels: redteam, blueteam
NewNtdllBypassInlineHook CSharp
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
Stars: ✭ 35 (-97.05%)
Mutual labels: bypass, redteam
Wadcoms.github.io
WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-63.66%)
Mutual labels: redteam, blueteam
HellgateLoader CSharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-93.84%)
Mutual labels: bypass, redteam
Slackpirate
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Stars: ✭ 512 (-56.83%)
Mutual labels: redteam, blueteam
Repo Supervisor
Scan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (-59.36%)
Mutual labels: redteam, blueteam
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+2674.79%)
Mutual labels: redteam, bypass
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+213.24%)
Mutual labels: blueteam, redteam
MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (-27.99%)
Mutual labels: blueteam, redteam
purple-team-exercise-framework
Purple Team Exercise Framework
Stars: ✭ 284 (-76.05%)
Mutual labels: blueteam, redteam
Pidense
🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (-69.81%)
Mutual labels: redteam, blueteam
dummyDLL
Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-97.05%)
Mutual labels: blueteam, redteam
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-93.34%)
Mutual labels: blueteam, redteam
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (-34.57%)
Mutual labels: redteam, blueteam
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+420.66%)
Mutual labels: redteam, blueteam
Ultimate AppLocker ByPass List
The goal of this repository is to document the most common and known techniques to bypass AppLocker. Since AppLocker can be configured in different ways I maintain a verified list of bypasses (that works against the default AppLocker rules) and a list with possible bypass technique (depending on configuration) or claimed to be a bypass by someone. I also have a list of generic bypass techniques as well as a legacy list of methods to execute through DLLs.
INDEXED LISTS
- Generic-AppLockerbypasses.md
- VerifiedAppLockerBypasses.md
- UnverifiedAppLockerBypasses.md
- DLL-Execution.md
YML
I have also created everything in YML format so it the data can be reused. The YML files can be found under the YML folder.
For details on how I verified and how to create the default rules you can check my blog: https://oddvar.moe/2017/12/13/applocker-case-study-how-insecure-is-it-really-part-1/
BLOCK RULES
The rules can be found in the AppLocker-BlockPolicies folder.
Please contribute and do point out errors or resources I have forgotten.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].