Alternatives and similar repositories for Bypass-AMSI

Users that are interested in Bypass-AMSI are comparing it to the libraries listed below

• 0x727 / UserRegEnum_0x727
  域内普通域用户权限查找域内所有计算机上登录的用户
  ☆151Updated 2 years ago
• bestspear / SharkOne
  Cobalt Strike 二开项目
  ☆185Updated 2 years ago
• Rvn0xsy / SchtaskCreator
  远程创建任务计划工具
  ☆190Updated 3 years ago
• INotGreen / Xiebro-Plugins
  xiebroC2 plugin
  ☆55Updated 7 months ago
• PDWR / 3vilGu4rd
  This is a daemon process which make a programe runing all time.
  ☆84Updated 3 years ago
• XiaoliChan / zerologon-Shot
  Zerologon exploit with restore DC password automatically
  ☆140Updated last year
• baiyies / ScreenshotBOFPlus
  Take a screenshot without injection for Cobalt Strike
  ☆201Updated 2 years ago
• yanghaoi / ridhijack
  通过C/C++实现的 Windows RID Hijacking persistence technique (RID劫持 影子账户 账户克隆).
  ☆84Updated 3 years ago
• xiecat / AlternativeShellcodeExec-Go
  ☆36Updated 2 years ago
• qi4L / CallbackLoader-go
  Callback Function Loader Implemented in Go
  ☆140Updated last year
• lele8 / SharpUserIP
  获取服务器或域控登录日志
  ☆276Updated 2 years ago
• TryGOTry / AutoGeaconC2
  AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
  ☆142Updated last year
• qigpig / Ghosting-BOF
  主要用于隐藏进程真实路径，进程带windows真签名
  ☆114Updated last year
• INotGreen / Webshell-loader
  ASPX内存执行shellcode,绕过Windows Defender（AV/EDR）
  ☆126Updated last year
• Peithon / scLoader
  CS shellcode 加载器
  ☆61Updated 3 years ago
• Aquilao / GoTokenTheft
  Token stealing tool written by Go. Bypass Kaspersky,Defender,Avira, etc./Go 编写的 Token 窃取工具。免杀卡巴、Defender、小红伞等杀软
  ☆179Updated 9 months ago
• mabangde / SharpGetUserLoginIPRPC
  提取域控日志，支持远程提取
  ☆168Updated 7 months ago
• 0x727 / CloudSandbox
  收集云沙箱上线C2的ip，如微X、奇XX、3X0、virustX等
  ☆125Updated 2 years ago
• d3ckx1 / CS-Auto-migrate
  ☆27Updated 3 years ago
• raspberryhusky / antiVirusCheck
  cobaltstrike 直接判断目标beacon存在的杀软
  ☆47Updated 3 years ago
• VMsec / POMS17010
  ☆19Updated 3 years ago
• M0nster3 / Beacon
  重构Beacon
  ☆161Updated last year
• Dido1960 / random_c2_profile
  Cobalt Strike random C2 Profile 修改版（适配腾讯云函数，亚马逊云函数和CrossC2自定义protocol）
  ☆90Updated 2 years ago
• 1y0n / AVKiller
  一种通过进程注入实现强制关闭部分杀软进程的方法（以360安全卫士和360杀毒为例）
  ☆137Updated last year
• Mr-xn / ShellcodeLoader
  该项目为Shellocde加载器，详细介绍了我们如何绕过防病毒软件，以及该工具如何使用
  ☆42Updated 3 years ago
• atomxw / cobaltstrike4.5_cdf
  cobaltstrike4.5版本破/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等
  ☆46Updated 3 years ago
• wangfly-me / SysHttpHookSleep
  集合多种方式的ShellcodeLoader
  ☆127Updated 2 years ago
• TryA9ain / BypassAddUser
  绕过杀软添加用户
  ☆46Updated 4 years ago
• Jumbo-WJB / PTH_Exchange
  If you only have hash, you can still operate exchange
  ☆77Updated 4 years ago
• yutianqaq / Supernova_CN
  Supernova 的中文版和扩展了一些加密方式（ROT, XOR, RC4, AES, CHACHA20, B64XOR, B64RC4, B64AES, B64CHACHA20）
  ☆55Updated last year