3xploit666 / AM
☆12Updated 3 years ago
Alternatives and similar repositories for AM:
Users that are interested in AM are comparing it to the libraries listed below
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆34Updated 4 years ago
- Bypass Windows defender syscall☆18Updated 3 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆54Updated 3 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 4 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- ☆39Updated 2 years ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Updated 3 years ago
- ☆88Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆63Updated last year
- A C# port of the MinHook API hooking library☆52Updated 2 years ago
- ☆61Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- This is a CS project that will encrypt shell code from msfvenom using AES☆22Updated 2 years ago
- Active directory Attacks and Scripts☆22Updated last year
- ☆28Updated 2 years ago
- Implementation of SpoolSample without rDLL☆31Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 2 years ago
- Tool to start processes as SYSTEM using token duplication☆38Updated 4 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Unchain AMSI by patching the provider’s unmonitored memory space☆88Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆26Updated 2 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆83Updated 2 years ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆58Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆68Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆50Updated 3 years ago