0r13lc0ch4v1 / HideFromAMSILinks
Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
☆31Updated 5 years ago
Alternatives and similar repositories for HideFromAMSI
Users that are interested in HideFromAMSI are comparing it to the libraries listed below
Sorting:
- ☆54Updated 6 years ago
- Encrypted Shellcode Loader Generator☆22Updated 6 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Updated 6 years ago
- ☆36Updated 6 years ago
- IIS Handler for *.ps1 files☆9Updated 5 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Updated 5 years ago
- ☆18Updated 3 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Updated 4 years ago
- Proof of concept of VMSA-2017-0012☆41Updated 7 years ago
- Loads shellcode from a resource file.☆22Updated 5 years ago
- Installs And Executes Shellcode☆11Updated 9 years ago
- Files for http://deniable.org/windows/windows-callbacks☆25Updated 4 years ago
- C# DCOM Execution☆18Updated 5 years ago
- Example of async client/server sockets in .NET 5☆17Updated 3 years ago
- Execute shellcode with syscalls from C# .dll☆12Updated 5 years ago
- CVE-2020-1048 bypass: binary planting PoC☆32Updated 4 years ago
- C# Implementation of Get-VaultCredential☆13Updated 6 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 4 years ago
- ☆51Updated 5 years ago
- Windows Shellcode Testing Utility to Run Shellcode From A File☆12Updated 5 years ago
- SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.☆27Updated 5 years ago
- Sound Research SECOMN service Privilege Escalation (windows 10)☆40Updated 5 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆22Updated 5 years ago
- I used this to see if an EDR is running in Safe Mode☆37Updated 4 years ago
- Use to generate DLL through Visual Studio☆19Updated 7 years ago
- Hide Mimikatz From Process Lists☆17Updated 9 years ago
- interesting analysis☆16Updated 7 years ago
- Experiments on the Windows Internals☆30Updated 5 years ago
- ☆45Updated 6 years ago