Bypasses AMSI protection through remote memory patching and parsing technique.
☆54May 12, 2025Updated 9 months ago
Alternatives and similar repositories for EvilByte-Remote-AMSI-Bypass
Users that are interested in EvilByte-Remote-AMSI-Bypass are comparing it to the libraries listed below
Sorting:
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 9 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to…☆45Jun 1, 2025Updated 8 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆27May 13, 2025Updated 9 months ago
- ATL.dll and WmiMgmt.msc UAC Bypass☆12Apr 26, 2025Updated 10 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62May 16, 2025Updated 9 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 10 months ago
- Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook…☆59Oct 10, 2025Updated 4 months ago
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆12Apr 21, 2025Updated 10 months ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆50May 5, 2025Updated 9 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 9 months ago
- Yet another shellcode loader - but a sneaky one☆25Apr 16, 2025Updated 10 months ago
- A mutliple tactics to execute shellcode in go :}☆23Apr 21, 2025Updated 10 months ago
- Generate Proxy DLLs in Rust☆47Sep 2, 2025Updated 5 months ago
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆82Jun 25, 2025Updated 8 months ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆23Feb 17, 2024Updated 2 years ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆25Apr 21, 2025Updated 10 months ago
- kASLR bypass technique on Intel CPUs.☆32May 18, 2025Updated 9 months ago
- Ransomware written in go, encrypt - decrypt.☆30Apr 27, 2025Updated 10 months ago
- Unhook Ntdll.dll, Go & C++.☆33Apr 21, 2025Updated 10 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆92Apr 27, 2025Updated 10 months ago
- kernel-mode DLL Injector☆126Apr 24, 2025Updated 10 months ago
- Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package.☆77Apr 27, 2025Updated 10 months ago
- ☆14Jul 26, 2025Updated 7 months ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re…☆62Jul 29, 2025Updated 6 months ago
- GenZ Shellcode Generator to execute commands with winExec API☆22Apr 27, 2025Updated 10 months ago
- ☆85May 15, 2025Updated 9 months ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 4 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 7 months ago
- ☆21Jan 8, 2026Updated last month
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 10 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆61Feb 4, 2026Updated 3 weeks ago
- ☆198Mar 28, 2025Updated 10 months ago
- Go Based Crypter That Can Bypass Any Kinds Of Antivirus Products, payload crypter supports over 4 programming languages.☆61Apr 27, 2025Updated 10 months ago
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆50Jun 16, 2025Updated 8 months ago