Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
A repository of some of my Windows 10 Device Guard Bypasses
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Type||Name||Latest commit message||Commit time|
|Failed to load latest commit information.|
Windows 10 Device Guard Bypasses (c) 2017 James Forshaw This solution contains some of my UMCI/Device Guard bypasses. They're are designed to allow you to analyze a system, such as Windows 10 S which comes pre-configured with a restrictive UMCI policy. CreateAddInIpcData: Tested on Windows 10 15063.483 with .NET 4.7. This is an issue with the exposed .NET Remoting IPC channel in AddInProcess.exe (and AddInProcess32.exe) on .NET v4+. See my blog post (https://tyranidslair.blogspot.com/2017/07/dg-on-windows-10-s-executing-arbitrary.html) for more information about how to use this bypass code.