Alternatives and similar repositories for EByte-Pattern-AmsiPatch

Users that are interested in EByte-Pattern-AmsiPatch are comparing it to the libraries listed below

• EvilBytecode / RubyRedOps
  💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby
  ☆10Updated 3 weeks ago
• MpCmdRun / uac-bypass
  ATL.dll and WmiMgmt.msc UAC Bypass
  ☆12Updated 2 weeks ago
• sexyiam / UAC-Bypass
  UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.
  ☆47Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆74Updated 9 months ago
• NtDallas / Ulfberht
  Shellcode loader
  ☆81Updated 5 months ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆44Updated last year
• NtDallas / Draugr
  BOF with Synthetic Stackframe
  ☆145Updated 2 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆64Updated 9 months ago
• CICADA8-Research / TypeLibWalker
  TypeLib persistence technique
  ☆115Updated 6 months ago
• ameenalkerdy / ETWShellcodeLoader
  Shellcode Loader Utilizing ETW Events
  ☆63Updated 2 months ago
• Teach2Breach / dll2shell
  converts sRDI compatible dlls to shellcode
  ☆29Updated 3 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆62Updated last year
• R41N3RZUF477 / QuickAssist_UAC_Bypass
  UAC Bypass using UIAccess program QuickAssist
  ☆85Updated 2 months ago
• jakobfriedl / BenevolentLoader
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆89Updated 11 months ago
• Chainski / PandaLoader
  A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
  ☆52Updated 3 weeks ago
• iilegacyyii / DataInject-BOF
  Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll
  ☆117Updated 3 weeks ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆50Updated 3 weeks ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆65Updated last month
• Teach2Breach / moonwalk
  find dll base addresses without PEB WALK
  ☆87Updated last week
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆22Updated 3 weeks ago
• ahron-chet / GuardBypassToolkit
  A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…
  ☆21Updated 10 months ago
• gavz / ExplorerPersist
  Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …
  ☆84Updated 2 years ago
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆30Updated 3 weeks ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆42Updated 10 months ago
• Vasco0x4 / ShellLoader_Hub
  Shellcode Loader Library.
  ☆10Updated 4 months ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆61Updated last year
• zero2504 / Early-Cryo-Bird-Injections
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆95Updated last month
• tdeerenberg / InlineWhispers3
  Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
  ☆81Updated last month
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆63Updated 2 weeks ago
• EvilBytecode / Malwarebytes-Shutdowner
  Kill malawarebytes process. Can be ported to any programming language.
  ☆9Updated 3 weeks ago