Tomiwa-Ot / py-amsiLinks
Scan strings or files for malware using the Windows Antimalware Scan Interface
☆30Updated 2 years ago
Alternatives and similar repositories for py-amsi
Users that are interested in py-amsi are comparing it to the libraries listed below
Sorting:
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆21Updated last year
- Docker container for running CobaltStrike 4.10☆37Updated 9 months ago
- ☆29Updated last year
- exfiltration/infiltration toolkit☆23Updated last year
- ☆35Updated last year
- ECC Public Key Cryptography☆38Updated last year
- Proof of Concept Exploit for CVE-2024-9465☆29Updated 8 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- ☆55Updated 8 months ago
- C++ Code to perform a MiniDump of lsass.exe☆34Updated last year
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated 2 years ago
- ☆18Updated 8 months ago
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆45Updated 2 years ago
- MacroExploit use in excel sheet☆20Updated 2 years ago
- A simple website to act as a store for havoc modules and extensions☆27Updated 5 months ago
- ☆34Updated 3 months ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Updated last year
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Updated 9 months ago
- A pure C version of SymProcAddress☆27Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 11 months ago
- POC for CVE-2024-3183 (FreeIPA Rosting)☆22Updated 10 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Updated 3 months ago
- Cobalt Strike BOFS☆16Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆42Updated 10 months ago
- Slides and videos from talks given at cons☆20Updated last week
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆38Updated last year
- ☆27Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year