Alternatives and similar repositories for SyscallAmsiScanBufferBypass

Users that are interested in SyscallAmsiScanBufferBypass are comparing it to the libraries listed below

• S3cur3Th1sSh1t / RDPThiefInject

  View on GitHub
  RDPThief donut shellcode inject into mstsc
  ☆88May 24, 2021Updated 4 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆313Sep 16, 2021Updated 4 years ago
• S3cur3Th1sSh1t / NamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆146May 1, 2021Updated 4 years ago
• JohnWoodman / stealthInjector

  View on GitHub
  Injects shellcode into remote processes using direct syscalls
  ☆77Dec 30, 2020Updated 5 years ago
• S3cur3Th1sSh1t / LDAP-Signing-Scanner

  View on GitHub
  A little scanner to check the LDAP Signing state
  ☆46Aug 2, 2021Updated 4 years ago
• djhohnstein / CSharpSetThreadContext

  View on GitHub
  C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
  ☆119Apr 9, 2019Updated 6 years ago
• NVISOsecurity / brown-bags

  View on GitHub
  ☆112Jul 24, 2023Updated 2 years ago
• G0ldenGunSec / SharpTransactedLoad

  View on GitHub
  Load .net assemblies from memory while having them appear to be loaded from an on-disk location.
  ☆173May 5, 2021Updated 4 years ago
• GetRektBoy724 / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker
  ☆411Feb 18, 2022Updated 3 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• cube0x0 / ParallelSyscalls

  View on GitHub
  C# version of MDSec's ParallelSyscalls
  ☆141Jan 9, 2022Updated 4 years ago
• Flangvik / RosFuscator

  View on GitHub
  YouTube/Livestream project for obfuscating C# source code using Roslyn
  ☆129May 9, 2021Updated 4 years ago
• IlanKalendarov / SharpHook

  View on GitHub
  SharpHook is an offensive API hooking tool designed to catch various credentials within the API call.
  ☆321Jul 1, 2021Updated 4 years ago
• OG-Sadpanda / SharpSword

  View on GitHub
  Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly
  ☆117Sep 30, 2024Updated last year
• boku7 / HellsGatePPID

  View on GitHub
  Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process
  ☆107Mar 8, 2023Updated 2 years ago
• mobdk / Upsilon

  View on GitHub
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Aug 26, 2021Updated 4 years ago
• med0x2e / ExecuteAssembly

  View on GitHub
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆595Jul 26, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆313Nov 29, 2023Updated 2 years ago
• EncodeGroup / UAC-SilentClean

  View on GitHub
  New UAC bypass for Silent Cleanup for CobaltStrike
  ☆191Jul 14, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpImpersonation

  View on GitHub
  A User Impersonation tool - via Token or Shellcode injection
  ☆422May 21, 2022Updated 3 years ago
• boku7 / HOLLOW

  View on GitHub
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆292Mar 8, 2023Updated 2 years ago
• Yaxser / SharpPhish

  View on GitHub
  Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.
  ☆155Dec 22, 2020Updated 5 years ago
• alfarom256 / BOF-ForeignLsass

  View on GitHub
  ☆101Aug 23, 2021Updated 4 years ago
• moloch-- / DarkLoadLibrary

  View on GitHub
  LoadLibrary for offensive operations
  ☆33Dec 14, 2021Updated 4 years ago
• S3cur3Th1sSh1t / Invoke-SharpLoader

  View on GitHub
  ☆360Apr 24, 2021Updated 4 years ago
• jfmaes / SharpHandler

  View on GitHub
  ☆185Jan 5, 2021Updated 5 years ago
• tomcarver16 / AmsiHook

  View on GitHub
  AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.
  ☆67Jun 14, 2020Updated 5 years ago
• connormcgarr / LittleCorporal

  View on GitHub
  LittleCorporal: A C# Automated Maldoc Generator
  ☆229Jul 30, 2021Updated 4 years ago
• boku7 / injectAmsiBypass

  View on GitHub
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆382Mar 8, 2023Updated 2 years ago
• hasherezade / transacted_hollowing

  View on GitHub
  Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
  ☆581Mar 8, 2024Updated last year
• Flangvik / DeployPrinterNightmare

  View on GitHub
  C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!
  ☆183Aug 4, 2021Updated 4 years ago
• anthemtotheego / CredBandit

  View on GitHub
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆219Jul 14, 2021Updated 4 years ago
• mez-0 / CSharpWinRM

  View on GitHub
  .NET 4.0 WinRM API Command Execution
  ☆166Sep 11, 2020Updated 5 years ago
• klezVirus / CheeseTools

  View on GitHub
  Self-developed tools for Lateral Movement/Code Execution
  ☆718Aug 17, 2021Updated 4 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆340Sep 11, 2021Updated 4 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆99Sep 20, 2021Updated 4 years ago
• SolomonSklash / SyscallPOC

  View on GitHub
  Shellcode injection POC using syscalls.
  ☆117Jun 5, 2020Updated 5 years ago