Lifetime AMSI bypass.
☆36Apr 21, 2025Updated 10 months ago
Alternatives and similar repositories for Lifetime-AmsiBypass
Users that are interested in Lifetime-AmsiBypass are comparing it to the libraries listed below
Sorting:
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆12Apr 21, 2025Updated 10 months ago
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.☆11Apr 21, 2025Updated 10 months ago
- Parent Process ID Spoofing, coded in CGo.☆24Apr 21, 2025Updated 10 months ago
- A malicous Golang Package☆15Apr 21, 2025Updated 10 months ago
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- ☆11Dec 8, 2023Updated 2 years ago
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆15Apr 21, 2025Updated 10 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆10Apr 21, 2025Updated 10 months ago
- ☆21Jan 8, 2026Updated last month
- Kill malawarebytes process. Can be ported to any programming language.☆12Apr 21, 2025Updated 10 months ago
- Enable-All-Tokens is a Go-based project designed to adjust and enable a list of specified privileges for the current process token on a W…☆10Apr 21, 2025Updated 10 months ago
- ☆20Mar 21, 2024Updated last year
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- AV/EDR companies netblocks☆18Nov 9, 2021Updated 4 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 3 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Examples how to use a Assm (Assembly) in a go.☆23Apr 21, 2025Updated 10 months ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆40Jun 25, 2024Updated last year
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆294Apr 21, 2025Updated 10 months ago
- ☆126Sep 1, 2024Updated last year
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Oct 4, 2024Updated last year
- A PoC for achieving persistence via push notifications on Windows☆48Jun 9, 2023Updated 2 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆50Sep 1, 2023Updated 2 years ago
- Rubber Ducky powered by NeoKey☆29Jun 3, 2024Updated last year
- ☆79Aug 5, 2024Updated last year
- Covert data exfiltration via DNS☆51Feb 8, 2025Updated last year
- Ludus roles to deploy ASR rules and MDI auditing settings☆16Aug 5, 2025Updated 6 months ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- A collection of handy and specific tools for the Red Teamer☆11Aug 13, 2024Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- Home of https://redteam.guide☆15Sep 19, 2022Updated 3 years ago
- ☆25Feb 9, 2022Updated 4 years ago
- Ransomware written in go, encrypt - decrypt.☆30Apr 27, 2025Updated 10 months ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- 🏴☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷☆219Sep 4, 2025Updated 5 months ago