windows Archives | ARTISTIC SWAN

WINspect – Powershell-based Windows Security Auditing Toolbox

September 2, 2017 by Uma

WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine aiming to identify security weaknesses and point to components that need further hardening. The main targets for the current version are domain-joined windows machines. However, some of the functions still apply for standalone … Read more

How To Bypass UAC Protection on Windows 7/8/10 Systems

August 19, 2017July 18, 2017 by Uma

Info:

This module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off. This module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three seperate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also). If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a seperate process.