Tomiwa-Ot / py-amsi
Scan strings or files for malware using the Windows Antimalware Scan Interface
☆29Updated last year
Related projects ⓘ
Alternatives and complementary repositories for py-amsi
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆18Updated 9 months ago
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆40Updated last year
- Docker container for running CobaltStrike 4.10☆32Updated last month
- ECC Public Key Cryptography☆36Updated last year
- ☆35Updated 2 weeks ago
- exfiltration/infiltration toolkit☆23Updated 10 months ago
- Let's analyze one of the ways to bypass the smart screen and write our own simple cryptor that runs the shellcode☆48Updated last month
- POC for CVE-2024-3183 (FreeIPA Rosting)☆18Updated 2 months ago
- ☆25Updated last year
- ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction☆13Updated last year
- Extension functionality for the NightHawk operator client☆26Updated last year
- DFSCoerce exe revisited version with custom authentication☆35Updated 9 months ago
- Cobalt Strike BOFS☆16Updated 10 months ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆15Updated last month
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆30Updated last week
- A simple rpc2socks alternative in pure Go.☆23Updated 4 months ago
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆31Updated 11 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆34Updated last year
- Beacon Object Files (BOF) for Cobalt Strike.☆28Updated 2 months ago
- Proof of Concept Exploit for CVE-2024-9465☆23Updated last month
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- Beacon Object Files used for Cobalt Strike☆17Updated last year
- Create PDFs with HTML smuggling attachments that save on opening the document.☆27Updated last year
- A pure C version of SymProcAddress☆23Updated 7 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- Tool for obtaining information about PPL processes☆16Updated 9 months ago
- ☆27Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 5 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated last year
- A utility that can be used to launch an executable with a DLL injected☆19Updated 11 months ago