☆21Jan 28, 2020Updated 6 years ago
Alternatives and similar repositories for AmsiPatchDetection
Users that are interested in AmsiPatchDetection are comparing it to the libraries listed below
Sorting:
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- A not-at-all-ordered compilation of random security-related powershell scripts :-)☆12Feb 24, 2022Updated 4 years ago
- MSTSC Packet Dump Utility☆30Feb 11, 2022Updated 4 years ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Apr 17, 2021Updated 4 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Jun 14, 2020Updated 5 years ago
- ☆78Feb 13, 2024Updated 2 years ago
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago
- Evil Inject Finder Remote Capability and Parser☆11Nov 22, 2018Updated 7 years ago
- \ PowerAvails Powershell /☆10Jun 30, 2018Updated 7 years ago
- ☆17Jan 28, 2020Updated 6 years ago
- RDPThief donut shellcode inject into mstsc☆88May 24, 2021Updated 4 years ago
- nuke that event log using some epic dinvoke fu☆118May 12, 2021Updated 4 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Aug 4, 2021Updated 4 years ago
- Bypass AMSI by patching AmsiScanBuffer☆282Jun 4, 2021Updated 4 years ago
- Public scripts etc.☆19Jan 14, 2024Updated 2 years ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.☆258Mar 6, 2025Updated last year
- Go reverse shell for Win/Linux/OSX☆17May 15, 2019Updated 6 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- Virtual machine detection. This is done by looking at registry keys, processes, files, internet access and specs such as disk storage, RA…☆18Oct 8, 2021Updated 4 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 2 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Automation Engine using the Covenant API and lua scripting☆24Dec 8, 2022Updated 3 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆123May 22, 2021Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆101Apr 17, 2022Updated 3 years ago
- Run python from a single exe☆36May 1, 2022Updated 3 years ago
- C# application that allows you to quick run SSH commands against a host or list of hosts☆42Sep 21, 2020Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆41Aug 6, 2021Updated 4 years ago
- Collection of popular DFIR tools in a lightweight and fast docker image☆11Nov 17, 2019Updated 6 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Append custom data to signed pe file and DONOT DESTROY SIGNED STATUS.☆26Mar 13, 2021Updated 5 years ago
- LetMeOutOfYour.net Resources☆21Jul 15, 2020Updated 5 years ago
- ☆18Aug 19, 2021Updated 4 years ago
- ☆19Aug 26, 2020Updated 5 years ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆88Mar 2, 2022Updated 4 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆15Apr 26, 2021Updated 4 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago