EvilBytecode / Lifetime-AmsiBypass
Lifetime AMSI bypass.
☆35Updated 7 months ago
Alternatives and similar repositories for Lifetime-AmsiBypass:
Users that are interested in Lifetime-AmsiBypass are comparing it to the libraries listed below
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 7 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆22Updated last month
- Enumerate the Domain for Readable and Writable Shares☆16Updated 8 months ago
- ☆48Updated 3 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 7 months ago
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆35Updated 2 months ago
- ☆52Updated 3 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆30Updated 2 months ago
- Situational Awareness script to identify how and where to run implants☆45Updated 2 months ago
- Windows Thread Pool Injection Havoc Implementation☆28Updated 10 months ago
- a port of privkit bof for havoc☆23Updated last year
- Utilities for obfuscating shellcode☆51Updated 7 months ago
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆83Updated 10 months ago
- Sniffing files generator☆51Updated 2 months ago
- A helper script for consolidating Aggressor and BOF repositories into a single CNA for Cobalt Strike.☆13Updated 10 months ago
- ☆47Updated last year
- This workshop is designed to provide you with a solid understanding of IronPython, its integration with the .NET framework, and how it ca…☆39Updated 10 months ago
- Source code and examples for PassiveAggression☆55Updated 8 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆109Updated 9 months ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆51Updated 8 months ago
- Tool to extract username and password of current user from PanGPA in plaintext☆82Updated last month
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 8 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆87Updated 7 months ago
- Construct the payload at runtime using an array of offsets☆61Updated 7 months ago