UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses

Description

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-Mola also has modules for protecting against and mitigating UAC bypasses.

The strong point of UAC-A-Mola is that it was created so that other researchers can carry out the work of discovering new weaknesses in UAC. Of course, the tool can be used in pentesting engagements, as well as by IT teams to enumerate and protect equipment exposed to UAC bypasses.

Functionalities

UAC-A-Mola is a framework designed for researching, detecting, exploiting and fixing UAC bypass weaknesses. These weaknesses are found in Microsoft operating systems. UAC-A-Mola automates the detection of a UAC bypass on a computer running Windows 7/8/8.1/10. It can run customizable modules that automate the search for UAC bypasses, mainly those based on fileless techniques and DLL hijacking. The framework also allows modules focused on researching and detecting other types of bypasses to be included. UAC-A-Mola therefore has a defensive role as well: mitigating possible UAC bypasses in Windows. UAC-A-Mola is written in Python, and its functionality can be extended through a simple interface for creating modules.

Several techniques exist that allow UAC protection to be bypassed under some circumstances. With the objective of unifying all the current techniques and automating the discovery of new weaknesses, as well as protection against the well-known ones, it is proposed to create a module-based tool that allows the detection and exploitation of the well-known weaknesses and the discovery of any others.

This tool follows the IDEM methodology: research into processes potentially vulnerable to a UAC bypass, detection of these types of vulnerabilities, exploitation, and mitigation.

The main feature of this tool is its modular architecture. A command-line interface allows users to load the modules to be used at run time. This makes the tool easy and efficient to use, permitting several modules to be used in a single run. Additionally, it makes the tool highly extensible.
OUR TOOLS

MicEnum

IDENTITY AND PRIVACY

MicEnum is a graphical tool that enumerates the Integrity Levels of the objects on the hard disks, helps to detect anomalies, and allows this information to be stored in and restored from an XML file.

Latch USB Monitor

IDENTITY AND PRIVACY

Monitors Plug and Play (PnP) device changes in Windows and gives the user the possibility of tracking incoming devices and reacting according to a preconfigured Latch response.

CriptoClipWatcher

THREATS AND VULNERABILITIES

CriptoClipWatcher will check if, once you have copied a cryptocurrency wallet or address into your clipboard, it is modified before you replace it from your clipboard.