Skip to content
/ GetSystem Public

This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.

105 stars 28 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

py7hagoras/GetSystem

BranchesTags

Repository files navigation

GetSystem

This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process. Helps avoid the use of PSEXEC which is closely monitored by Blue Team.

Usage:

GetSystem.exe

GetSystem.exe C:\Windows\System32\cmd.exe lsass

Showing run of GetSystem to spawn cmd.exe as SYSTEM with lsass as parent

About

This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.

Resources

Readme
Activity

Stars

105 stars

Watchers

3 watching

Forks

28 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages