0r13lc0ch4v1 / HideFromAMSILinks
Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
☆31Updated 5 years ago
Alternatives and similar repositories for HideFromAMSI
Users that are interested in HideFromAMSI are comparing it to the libraries listed below
Sorting:
- Encrypted Shellcode Loader Generator☆22Updated 6 years ago
- ☆36Updated 6 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 5 years ago
- ☆54Updated 7 years ago
- Playing around with token manipulation in C#.☆28Updated 5 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Updated 6 years ago
- C# DCOM Execution☆18Updated 6 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Updated 6 years ago
- Hide Mimikatz From Process Lists☆17Updated 10 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆24Updated 6 years ago
- ☆42Updated 6 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Updated 4 years ago
- Sound Research SECOMN service Privilege Escalation (windows 10)☆39Updated 5 years ago
- Loads shellcode from a resource file.☆22Updated 6 years ago
- ☆54Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Updated 3 years ago
- Use to generate DLL through Visual Studio☆20Updated 8 years ago
- ☆50Updated 4 years ago
- External C2 Using IE COM Objects☆100Updated 6 years ago
- Hide .Net assembly into png images☆36Updated 6 years ago
- Persistent through COM Hijacking☆22Updated 6 years ago
- CVE-2020-1048 bypass: binary planting PoC☆33Updated 5 years ago
- CobaltStrike AggressorScripts for the lazy☆10Updated 3 years ago
- Experiments on the Windows Internals☆30Updated 5 years ago
- C# .NET Assembly for interacting with File Object DACLs☆44Updated 5 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆32Updated 7 years ago
- Proof of concept of VMSA-2017-0012☆41Updated 8 years ago
- Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses☆50Updated 5 years ago
- I used this to see if an EDR is running in Safe Mode☆37Updated 4 years ago