EvilBytecode / Amsi-Patch-Updated-2025Links
How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
☆17Updated last month
Alternatives and similar repositories for Amsi-Patch-Updated-2025
Users that are interested in Amsi-Patch-Updated-2025 are comparing it to the libraries listed below
Sorting:
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 8 months ago
- Proxy function calls through the thread pool with ease☆28Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆28Updated 4 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆10Updated last month
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆12Updated 4 months ago
- Cortex EDR Ransomware protection Bypass☆24Updated 3 months ago
- A simple rpc2socks alternative in pure Go.☆28Updated 10 months ago
- ☆27Updated 4 months ago
- Rewrite to fit my needs☆28Updated 10 months ago
- ☆34Updated 2 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆32Updated last year
- Parent Process ID Spoofing, coded in CGo.☆22Updated last month
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12Updated 2 years ago
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆9Updated last month
- Unhook Ntdll.dll, Go & C++.☆22Updated last month
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆14Updated last year
- NailaoLoader: Hiding Execution Flow via Patching☆21Updated 3 months ago
- ☆17Updated 3 weeks ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆42Updated 10 months ago
- Section-based payload obfuscation technique for x64☆59Updated 9 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆21Updated last month
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 5 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆37Updated 8 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆16Updated 3 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆14Updated 2 years ago
- A C# implementation that disables Windows Firewall bypassing UAC☆15Updated 7 months ago
- ☆55Updated 7 months ago