TwoSevenOneT/IAmAntimalware

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/TwoSevenOneT/IAmAntimalware)

TwoSevenOneT / IAmAntimalware

This tool helps inject code into the processes of Antivirus programs.

☆188

Alternatives and similar repositories for IAmAntimalware

Users that are interested in IAmAntimalware are comparing it to the libraries listed below

Sorting:

TwoSevenOneT / EDRStartupHinder
View on GitHub
EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
☆190Jan 11, 2026Updated 2 months ago
TwoSevenOneT / CertClone
View on GitHub
The tool used to clone the digital signatures of legitimate programs
☆59Oct 11, 2025Updated 5 months ago
Cobalt-Strike / eden
View on GitHub
A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…
☆107Jan 21, 2026Updated last month
leftp / SharpPXE
View on GitHub
A C# tool for extracting information from SCCM PXE boot media.
☆51Jan 14, 2026Updated 2 months ago
FajarTheGGman / WhoAreYou
View on GitHub
#Simple program to track someone by send malicious link
☆14May 17, 2020Updated 5 years ago
eversinc33 / drvtrace
View on GitHub
WinDbg plugin to trace module transitions from a debugged driver.
☆46Dec 22, 2025Updated 2 months ago
mantvydasb / RdpThief
View on GitHub
Extracting Clear Text Passwords from mstsc.exe using API Hooking.
☆18Nov 17, 2019Updated 6 years ago
Maldev-Academy / Alphabetfuscation
View on GitHub
Convert your shellcode into an ASCII string
☆127Jun 27, 2025Updated 8 months ago
6uard1an / rcHack
View on GitHub
Discord RAT made in powershell (open source)
☆12Jul 16, 2025Updated 8 months ago
TwoSevenOneT / DefenderWrite
View on GitHub
A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…
☆82Nov 1, 2025Updated 4 months ago
voidvxvi / HellBunny
View on GitHub
Shellcode loader written in C and Assembly utilizing direct or indirect syscalls to evade UM EDR hooks
☆139Dec 22, 2024Updated last year
wesmar / KernelResearchKit
View on GitHub
Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…
☆95Dec 22, 2025Updated 2 months ago
0xTriboulet / rssh-rs
View on GitHub
☆55May 31, 2025Updated 9 months ago
LuemmelSec / AD-Ghost
View on GitHub
☆57Nov 18, 2025Updated 4 months ago
knight0x07 / NailaoLoader-Hiding-Execution-Flow
View on GitHub
NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
florianib / rusty_drivers
View on GitHub
BYOVD collection
☆24Mar 20, 2024Updated 2 years ago
ChaitanyaHaritash / IllusiveFog
View on GitHub
Windows Administrator level Implant.
☆50Sep 28, 2024Updated last year
jsecu / ModTask
View on GitHub
☆53Sep 23, 2025Updated 5 months ago
sensepost / CVE-2025-64446
View on GitHub
A scanner for the FortiNet vulnerability CVE-2025-64446
☆30Nov 18, 2025Updated 4 months ago
lsecqt / Find-AdminAccess
View on GitHub
This C# tool sprays for admin access over the entire domain
☆90Dec 7, 2025Updated 3 months ago
decoder-it / NewMachineAccount
View on GitHub
☆39Feb 26, 2025Updated last year
p0dalirius / CrackedNTDStoXLSX
View on GitHub
A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.
☆12Jan 31, 2025Updated last year
ethiack / moltbot-1click-rce
View on GitHub
Clawdbot/Moltbot/OpenClaw One-click RCE PoC 🦞 (CVE-2026-25253)
☆87Jan 27, 2026Updated last month
sashathomas / evil-jea
View on GitHub
A small WinRM client designed for interacting with JEA endpoints.
☆13Aug 29, 2024Updated last year
rat-pac / ratpac-two
View on GitHub
Open source edition of RAT-PAC
☆19Mar 9, 2026Updated last week
hdbreaker / Nimhawk
View on GitHub
A powerful, modular, lightweight and efficient command & control framework written in Nim.
☆221Nov 3, 2025Updated 4 months ago
DarkSpaceSecurity / RunAs-Stealer
View on GitHub
RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
☆205Mar 6, 2025Updated last year
logangoins / Krueger
View on GitHub
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
☆424Sep 29, 2025Updated 5 months ago
grayhatkiller / SharpExShell
View on GitHub
SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
☆75May 1, 2024Updated last year
giladgressel / python_scripting_for_security_exercises
View on GitHub
Ungraded practice exercises for python scripting for security course.
☆12Jun 22, 2025Updated 8 months ago
D3Ext / Captcha-Bypassing-Lab
View on GitHub
PHP lab to test captcha bypassing
☆30Jan 8, 2024Updated 2 years ago
rasta-mouse / process-inject-kit
View on GitHub
Port of Cobalt Strike's Process Inject Kit
☆192Dec 1, 2024Updated last year
I3IT / Detect.Remote.ShadowSnapshot.Dump
View on GitHub
Detect Remote Local Credentials Dumping using a Shadow Snapshot
☆32Jan 27, 2025Updated last year
MythicAgents / Xenon
View on GitHub
A Mythic agent for Windows written in C
☆162Mar 1, 2026Updated 2 weeks ago
outflanknl / unmanaged-dotnet-patch
View on GitHub
Modify managed functions from unmanaged code
☆53Feb 1, 2024Updated 2 years ago
lsecqt / SessionView
View on GitHub
A portable C# utility for enumerating local and remote windows sessions
☆57Jan 1, 2026Updated 2 months ago
DarkSpaceSecurity / SSH-Stealer
View on GitHub
Smart keylogging capability to steal SSH Credentials including password & Private Key
☆152Mar 26, 2025Updated 11 months ago
EricEsquivel / CobaltStrike-Linux-Beacon
View on GitHub
Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons
☆192Feb 11, 2026Updated last month
Ansh-Vortex / Vortex-Advance-RAT
View on GitHub
Advance Open-Source RAT Builder Access via Telegram Bot with over 60+ commands
☆46Feb 14, 2026Updated last month