Vith0r / Patch-AmsiLinks
Bypassing amsi.dll via memory patch, simple code!
☆12Updated 11 months ago
Alternatives and similar repositories for Patch-Amsi
Users that are interested in Patch-Amsi are comparing it to the libraries listed below
Sorting:
- Indirect Syscalls Loader☆16Updated 11 months ago
- EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.☆28Updated 2 weeks ago
- ☆17Updated last month
- PandaCrypter is a C#-based tool designed to convert PowerShell scripts into obfuscated batch files (.bat) with encryption and additional …☆17Updated 2 months ago
- ☆49Updated last year
- A Free Open sourced crypter that builds a output .NET .exe Stub (Updated whenever I feel like it)☆20Updated this week
- Write-ups and proof of concepts of design and implementaion of various modern malwares.☆29Updated 2 years ago
- ☆11Updated last year
- ☆26Updated 7 months ago
- Nim process hollowing loader☆60Updated 2 months ago
- Injecting DLL into LSASS at boot☆143Updated 5 months ago
- "Service-less" driver loading☆162Updated 10 months ago
- Windows rootkit designed to work with BYOVD exploits☆210Updated 9 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆84Updated 5 months ago
- Hidden Features Full Hidden Access Hidden Desktop Hidden Browsers Hidden Cmd Clone Profile Hidden PowerShell Hidden Explorer Hidde…☆16Updated 3 years ago
- A runtime Crypter written in C++ to bypass AVs signature based detection☆37Updated 2 years ago
- ☆41Updated last year
- BSides Prishtina 2024 Malware Development and Persistence workshop☆99Updated 4 months ago
- A unique introduction to native runtime obfuscation.☆73Updated 7 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆234Updated 11 months ago
- Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.☆21Updated 2 years ago
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆249Updated last month
- Sleep obfuscation☆243Updated 10 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆191Updated last month
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆157Updated last week
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆24Updated 5 months ago
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆210Updated last year
- SysCaller: SDK for WindowsAPI via syscalls. Dynamic Resolution, Obfuscation, Multi-Language Bindings, & more!☆49Updated 2 weeks ago
- ( 0day ) Local Privilege Escalation in IObit Malware Fighter☆157Updated 6 months ago
- A Very Cool Process Injector That supports both Shellcode injection and dll injection☆18Updated 3 weeks ago