Alternatives and similar repositories for EvilByte-Remote-AMSI-Bypass

Users that are interested in EvilByte-Remote-AMSI-Bypass are comparing it to the libraries listed below

• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• ricardojoserf / NativeTokenImpersonate
  Impersonate Tokens using only NTAPI functions
  ☆77Updated 3 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆75Updated 11 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆66Updated 11 months ago
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆47Updated 2 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆72Updated 2 months ago
• Teach2Breach / hollow_rs
  A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
  ☆30Updated 5 months ago
• voidvxvt / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆111Updated 6 months ago
• 0xTriboulet / rssh-rs
  ☆51Updated last month
• dmcxblue / Claude-C2
  Utilizng an MCP Server to communicate with your C2
  ☆75Updated 2 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 3 months ago
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆63Updated 2 weeks ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆87Updated last month
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆75Updated 3 weeks ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• NtDallas / Ulfberht
  Shellcode loader
  ☆89Updated 7 months ago
• rasta-mouse / KerbApp
  ☆29Updated last year
• Krypteria / Proxll
  Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
  ☆38Updated 9 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 11 months ago
• Retr0-code / hash-dumper
  Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…
  ☆63Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• zero2504 / Early-Cryo-Bird-Injections
  Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects
  ☆98Updated 3 months ago
• 0xRedpoll / SignalKeyBOF
  BOF to decrypt Signal Desktop chat logs
  ☆65Updated 4 months ago
• almounah / go-buena-clr
  Good CLR Host with Native patchless AMSI Bypass
  ☆81Updated 2 months ago
• OtterHacker / Hooker
  ☆107Updated 8 months ago
• 0xRedpoll / WhatsAppKeyBOF
  A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.
  ☆77Updated 4 months ago
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆38Updated 7 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆94Updated 2 weeks ago
• fin3ss3g0d / NativeThreadpool
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆89Updated last year