0r13lc0ch4v1 / HideFromAMSILinks
Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
☆31Updated 5 years ago
Alternatives and similar repositories for HideFromAMSI
Users that are interested in HideFromAMSI are comparing it to the libraries listed below
Sorting:
- ☆36Updated 6 years ago
- A quick tool for hiding a new process running shellcode.☆57Updated 5 years ago
- Encrypted Shellcode Loader Generator☆22Updated 6 years ago
- ☆54Updated 7 years ago
- C# DCOM Execution☆18Updated 6 years ago
- Playing around with token manipulation in C#.☆29Updated 5 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Updated 6 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Updated 6 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆24Updated 6 years ago
- A repo to hold any bypasses I work on/study/whatever☆19Updated 4 years ago
- Use to generate DLL through Visual Studio☆20Updated 8 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- Hide Mimikatz From Process Lists☆18Updated 10 years ago
- ☆50Updated 5 years ago
- C# .NET Assembly for interacting with File Object DACLs☆44Updated 5 years ago
- ☆54Updated 6 years ago
- Sound Research SECOMN service Privilege Escalation (windows 10)☆39Updated 5 years ago
- Hide .Net assembly into png images☆36Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Updated 3 years ago
- Loads shellcode from a resource file.☆22Updated 6 years ago
- ☆42Updated 6 years ago
- Installs And Executes Shellcode☆11Updated 10 years ago
- I used this to see if an EDR is running in Safe Mode☆36Updated 4 years ago
- Proof of concept of VMSA-2017-0012☆41Updated 8 years ago
- SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.☆27Updated 6 years ago
- CVE-2020-1048 bypass: binary planting PoC☆33Updated 5 years ago
- An example of how to spawn a process with a spoofed parent PID (Visual C++)☆29Updated 6 years ago
- Persistent through COM Hijacking☆22Updated 6 years ago
- Contains poc's and my research works☆31Updated 2 years ago
- Send message on Telegram when you get a new Cobalt Strike beacon☆21Updated 5 years ago