Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions
☆72Nov 15, 2025Updated 6 months ago
Alternatives and similar repositories for AMSI-Bypass-via-Page-Guard-Exceptions
Users that are interested in AMSI-Bypass-via-Page-Guard-Exceptions are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated last month
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆96Apr 9, 2026Updated last month
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆28May 4, 2026Updated 3 weeks ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline☆50Oct 20, 2025Updated 7 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Interract with Microsoft SQL Server (MS SQL | MSSQL) servers and their linked instances in restricted environments, without the need for …☆65May 22, 2026Updated last week
- ☆26Aug 11, 2025Updated 9 months ago
- HardwareTurningPoint, Fully Go Compatible Hardware Breakpoint☆15Jan 30, 2025Updated last year
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.☆384Apr 18, 2026Updated last month
- C# .NET Assembly to perform LDAP Queries☆28Apr 1, 2021Updated 5 years ago
- Executing Shellcode with ReadDirectoryChanges’s Hidden Callback☆31Oct 13, 2025Updated 7 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆86Jan 26, 2026Updated 4 months ago
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆356Feb 2, 2026Updated 4 months ago
- using wnbios64.sys for arbitrary r/w☆15Oct 12, 2025Updated 7 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Payload Generation Framework☆22Oct 24, 2024Updated last year
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆73Nov 16, 2025Updated 6 months ago
- AppLocker-Based EDR Neutralization☆337Dec 19, 2025Updated 5 months ago
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆95Feb 9, 2026Updated 3 months ago
- Overview of MS Defender☆143Feb 20, 2026Updated 3 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆319Mar 31, 2025Updated last year
- SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connecti…☆456Nov 3, 2025Updated 7 months ago
- proper ntdll .text section unhooking via native api. unlike other unhookers this doesnt leave 2 ntdlls loaded. x86/x64/wow64 supported.☆55Dec 9, 2025Updated 5 months ago
- One WSL BOF to rule them all☆177Jan 14, 2026Updated 4 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆666May 16, 2026Updated 2 weeks ago
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆81Apr 11, 2026Updated last month
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- a BOF implementation of various registry persistence methods☆97Nov 11, 2025Updated 6 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆32Dec 20, 2025Updated 5 months ago
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆223Mar 7, 2026Updated 2 months ago
- Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall☆136Dec 17, 2025Updated 5 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Filesystem interaction via firebeam virtual machine execution☆54Mar 26, 2026Updated 2 months ago
- ASPX Web Shell with COFF Loader☆130Mar 10, 2026Updated 2 months ago
- Bypass WiFi client isolation on Open and WPA2-PSK networks☆42Oct 14, 2025Updated 7 months ago
- ☆635Feb 5, 2026Updated 3 months ago
- ☆201Mar 28, 2025Updated last year
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆128Dec 23, 2025Updated 5 months ago
- Generate DLL proxy/sideload projects. Automatically parses PE export tables and generates ready-to-compile project for red team engagemen…☆153Mar 8, 2026Updated 2 months ago