Tomiwa-Ot / py-amsi
Scan strings or files for malware using the Windows Antimalware Scan Interface
☆30Updated 2 years ago
Alternatives and similar repositories for py-amsi:
Users that are interested in py-amsi are comparing it to the libraries listed below
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆20Updated last year
- exfiltration/infiltration toolkit☆23Updated last year
- Docker container for running CobaltStrike 4.10☆36Updated 6 months ago
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆43Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- ☆28Updated last year
- Proof of Concept Exploit for CVE-2024-9465☆29Updated 5 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆21Updated last month
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- POC for CVE-2024-3183 (FreeIPA Rosting)☆20Updated 7 months ago
- ☆34Updated last year
- A pure C version of SymProcAddress☆26Updated last year
- DFSCoerce exe revisited version with custom authentication☆38Updated last year
- Cobalt Strike BOFS☆15Updated last year
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- Beacon Object Files (BOF) for Cobalt Strike.☆28Updated 7 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆41Updated 8 months ago
- Remote Template Injection Toolkit☆33Updated 11 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 10 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated last year
- ECC Public Key Cryptography☆37Updated last year
- A simple rpc2socks alternative in pure Go.☆28Updated 8 months ago
- ☆47Updated 2 years ago
- Detect userland hooks placed by AV/EDR☆27Updated last year
- ☆18Updated 5 months ago
- ☆54Updated 5 months ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- MacroExploit use in excel sheet☆20Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago