EvilBytecode / Amsi-Patch-Updated-2025Links
How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
☆22Updated 4 months ago
Alternatives and similar repositories for Amsi-Patch-Updated-2025
Users that are interested in Amsi-Patch-Updated-2025 are comparing it to the libraries listed below
Sorting:
- Tool to bypass LSA Protection (aka Protected Process Light)☆56Updated 7 months ago
- ☆50Updated last month
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆42Updated 11 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆55Updated this week
- ☆57Updated 10 months ago
- Bypassing Amsi using LdrLoadDll☆45Updated 7 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆26Updated 11 months ago
- ☆53Updated 8 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆20Updated 6 months ago
- Less sugar (entropy) for your binaries☆34Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 7 months ago
- Threadless shellcode injection tool☆67Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆56Updated 3 months ago
- ☆43Updated last month
- command control framework☆22Updated 2 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆54Updated 2 months ago
- remote process injections using pool party techniques☆66Updated 2 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆61Updated 6 months ago
- BypassCredGuard CS BOF☆45Updated 7 months ago
- Proxy function calls through the thread pool with ease☆29Updated 6 months ago
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆75Updated 2 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆41Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆31Updated last week
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆51Updated 3 months ago
- Execute shellcode via Bluetooth device authentication☆40Updated 6 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 10 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆54Updated 4 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- ☆41Updated last month
- C++ Staged Shellcode Loader with Evasion capabilities.☆94Updated 10 months ago