This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome people. I really recommend checking them out: https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Korkos-AMSI-and-Bypass.pdf and https://rastamouse.me/memory-patching-amsi-bypass/
☆23Jul 7, 2022Updated 3 years ago
Alternatives and similar repositories for AMSI-Bypasses
Users that are interested in AMSI-Bypasses are comparing it to the libraries listed below
Sorting:
- All things Binary Exploitation, Memory, Assembly and Corruptions.☆10Sep 25, 2020Updated 5 years ago
- ☆18Dec 9, 2023Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- ☆13Mar 28, 2024Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆30Jun 7, 2023Updated 2 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- ☆18Jun 25, 2024Updated last year
- This repository contains a list of python scripts to work with Microsoft RPC for research purposes.☆51Jan 31, 2025Updated last year
- ☆39May 20, 2023Updated 2 years ago
- Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter☆12May 9, 2023Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 3 years ago
- 🐍 Python Exploit for CVE-2022-23935☆11Feb 10, 2023Updated 3 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- A tool capable of bypassing easy root detection mechanisms by patching applications automatically (without frida).☆32Jun 20, 2024Updated last year
- CVE-2022-32119 - Arox-Unrestricted-File-Upload☆17Dec 20, 2023Updated 2 years ago
- Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.☆11Jan 7, 2023Updated 3 years ago
- Adds a "poor man's" Undo capability to the Windows companion apps for FFG board games, including Mansions of Madness Second Edition, Desc…☆20Dec 30, 2021Updated 4 years ago
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆63Aug 25, 2022Updated 3 years ago
- Docker for the latest gophish with stealth configuration from sneaky_gophish☆16Apr 5, 2024Updated last year
- ☆18Sep 24, 2024Updated last year
- Bypass Malware Time Delays☆107Sep 23, 2022Updated 3 years ago
- ☆207Feb 24, 2022Updated 4 years ago
- Exploit for CVE-2022-30206☆76Sep 25, 2022Updated 3 years ago
- ☆59Oct 24, 2024Updated last year
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- Use NAT to reroute an applications UDP traffic for MITM purposes.☆11Sep 30, 2019Updated 6 years ago
- POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.☆17Jun 18, 2025Updated 9 months ago
- Retrieve AD accounts description and search for password in it☆81Jul 21, 2022Updated 3 years ago
- This repository provides the core to build your own External C2 Server and Connector for Brute Ratel C4☆55May 8, 2022Updated 3 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆112Jul 15, 2023Updated 2 years ago
- My solutions for pwn and reversing challenges☆11Mar 18, 2018Updated 8 years ago
- An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.☆31May 23, 2025Updated 10 months ago
- Interact with Windows RPC Services over SMB using go-smb☆11Feb 27, 2026Updated 3 weeks ago
- ☆85Nov 21, 2024Updated last year
- This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …☆256Jul 7, 2022Updated 3 years ago
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago