I found a interesting git repo, check it out 
# hypobrychium AV/EDR completely ignore me.
Duplicate (unowned) token from a running process without detections
Duplicate the token of a running process and run a command.
Use when there is a process on behalf of a domain administrator or to generate a CMD on any process.
When used with unowned process PIDs, there will be no screen input/output in the CMD, but the shell works fine.
The source will be published soon, I make it watchable ;-) It was written in Delphi (Lazarous)
Special thanks to Ewan who developed some highly professional units.
have fun
Required: Local administrator role
# Examples in pics
URL - https://github.com/foxlox/hypobrychium
happy hacking
# hypobrychium AV/EDR completely ignore me.
Duplicate (unowned) token from a running process without detections
Duplicate the token of a running process and run a command.
Use when there is a process on behalf of a domain administrator or to generate a CMD on any process.
When used with unowned process PIDs, there will be no screen input/output in the CMD, but the shell works fine.
The source will be published soon, I make it watchable ;-) It was written in Delphi (Lazarous)
Special thanks to Ewan who developed some highly professional units.
have fun
Required: Local administrator role
# Examples in pics
URL - https://github.com/foxlox/hypobrychium
happy hacking
