tyranid/DeviceGuardBypasses

Windows 10 Device Guard Bypasses
(c) 2017 James Forshaw

This solution contains some of my UMCI/Device Guard bypasses. They
are designed to allow you to analyze a system, such as Windows 10 S,
which comes pre-configured with a restrictive UMCI policy.

CreateAddInIpcData:

Tested on Windows 10 15063.483 with .NET 4.7.

This is an issue with the exposed .NET Remoting IPC channel in AddInProcess.exe
(and AddInProcess32.exe) on .NET v4+. 

See my blog post (https://tyranidslair.blogspot.com/2017/07/dg-on-windows-10-s-executing-arbitrary.html)
for more information about how to use this bypass code.
