MzHmO / DebugAmsi
DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
☆96Updated last year
Alternatives and similar repositories for DebugAmsi:
Users that are interested in DebugAmsi are comparing it to the libraries listed below
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆147Updated last week
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆151Updated last year
- ☆144Updated 7 months ago
- ☆181Updated last year
- ☆120Updated last year
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Adversary Emulation Framework☆92Updated 8 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- ☆149Updated 3 months ago
- Do some DLL SideLoading magic☆79Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆118Updated 8 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆84Updated 8 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆108Updated 4 months ago
- Shellcode loader☆77Updated 3 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆107Updated 3 months ago
- ☆103Updated last month
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆118Updated 5 months ago
- ☆119Updated last year
- Lateral Movement☆123Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- ☆149Updated last year
- ☆125Updated 6 months ago
- My implementation of the GIUDA project in C++☆180Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 7 months ago