C5Hackr / ARM64_AmsiPatch
☆17 Updated 2 months ago
Alternatives and similar repositories for ARM64_AmsiPatch:
Users that are interested in ARM64_AmsiPatch are comparing it to the libraries listed below
- Cobalt Strike notifications via NTFY. ☆13 Updated 7 months ago
- A simple rpc2socks alternative in pure Go. ☆28 Updated 9 months ago
- Watches the Downloads folder for any new files and inserts them into Nemesis for analysis. ☆14 Updated last year
- String encryption in Nim ☆19 Updated 10 months ago
- ELF Beacon Object File (BOF) Template ☆19 Updated 5 months ago
- Golang Implementation of Hell's Gate ☆17 Updated last year
- ☆18 Updated 4 months ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR ☆20 Updated last year
- Just another Process Injection using Process Hollowing technique. ☆17 Updated last year
- Parent Process ID Spoofing, coded in CGo. ☆22 Updated 9 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib) ☆13 Updated 8 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. ☆14 Updated 2 years ago
- Unix Process hollowing in Rust ☆21 Updated 4 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document. ☆29 Updated last year
- Extension functionality for the NightHawk operator client ☆27 Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post ☆23 Updated 2 years ago
- ☆19 Updated 4 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function. ☆13 Updated last month
- Items related to the RedELK workshop given at security conferences ☆29 Updated last year
- Python3 tool to perform password spraying using RDP ☆16 Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆26 Updated 2 months ago
- BOF for C2 framework ☆41 Updated 5 months ago
- Deobfuscation of XorStringsNet ☆14 Updated 5 months ago
- A lexer and parser for Sleep ☆19 Updated 3 months ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆20 Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process ☆21 Updated last week
- Cobalt Strike Beacon Object File to enable the WebDAV client service on x64 Windows hosts ☆20 Updated last year
- RunPE adapted for x64 and written in C, does not use RWX ☆25 Updated 11 months ago
- A simple website to act as a store for Havoc modules and extensions ☆26 Updated 3 months ago