This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome people. I really recommend checking them out: https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Korkos-AMSI-and-Bypass.pdf and https://rastamouse.me/memory-patching-amsi-bypass/
☆23Jul 7, 2022Updated 3 years ago
Alternatives and similar repositories for AMSI-Bypasses
Users that are interested in AMSI-Bypasses are comparing it to the libraries listed below
Sorting:
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- ☆18Dec 9, 2023Updated 2 years ago
- ☆13Mar 28, 2024Updated last year
- Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.☆10Jan 7, 2023Updated 3 years ago
- All things Binary Exploitation, Memory, Assembly and Corruptions.☆10Sep 25, 2020Updated 5 years ago
- This repository contains a list of python scripts to work with Microsoft RPC for research purposes.☆51Jan 31, 2025Updated last year
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆13Jul 19, 2020Updated 5 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- A tool capable of bypassing easy root detection mechanisms by patching applications automatically (without frida).☆32Jun 20, 2024Updated last year
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 3 years ago
- 🐍 Python Exploit for CVE-2022-23935☆11Feb 10, 2023Updated 3 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆30Jun 7, 2023Updated 2 years ago
- ☆18Sep 24, 2024Updated last year
- ☆18Jun 25, 2024Updated last year
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter☆12May 9, 2023Updated 2 years ago
- ☆23Nov 29, 2023Updated 2 years ago
- Cumulus is web application weakness monitoring, works with just 3 code lines☆40Jan 27, 2023Updated 3 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- ☆39May 20, 2023Updated 2 years ago
- ☆12Nov 21, 2023Updated 2 years ago
- POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.☆17Jun 18, 2025Updated 8 months ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 9 months ago
- Another vulnerability scanner☆18Aug 9, 2025Updated 6 months ago
- resource-based constrained delegation RBCD☆46Jan 15, 2022Updated 4 years ago
- CVE-2022-32119 - Arox-Unrestricted-File-Upload☆17Dec 20, 2023Updated 2 years ago
- Docker for the latest gophish with stealth configuration from sneaky_gophish☆16Apr 5, 2024Updated last year
- Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…☆17Jul 3, 2025Updated 7 months ago
- Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit☆13Mar 16, 2022Updated 3 years ago
- Yet Another Memory Analyzer for malware detection☆24Aug 4, 2023Updated 2 years ago
- ☆84Nov 21, 2024Updated last year
- Exploit for CVE-2022-30206☆76Sep 25, 2022Updated 3 years ago
- ☆59Oct 24, 2024Updated last year
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- spring-cloud-function SpEL RCE复现环境&poc☆24Mar 30, 2022Updated 3 years ago
- Script to test NetSec capabilities.☆21May 1, 2023Updated 2 years ago
- A tool for steganography of png files .☆24Jul 27, 2022Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- Retrieve AD accounts description and search for password in it☆82Jul 21, 2022Updated 3 years ago