A LoadLibrary injector for CS:GO that automatically bypasses Trusted Mode by disabling various Win32 function hooks.

TrustedInjector

This is a LoadLibrary injector for Counter-Strike: Global Offensive.

Information

It automatically bypasses trusted mode by removing hooks on various Win32 functions.

Usage

To inject a DLL, bypassing trusted mode automatically:

Note: You can also invoke this behavior by dragging and dropping the DLL onto the executable.

PS C:\Example> .\TrustedInjector.exe C:\Osiris.dll

Or, to only disable trusted mode without injecting a DLL:

PS C:\Example> .\TrustedInjector.exe bypass

Compiling

I used Visual Studio 2022, so compile with that in x86 mode.

Credits

  • me (lol)