Alternatives and similar repositories for Patch-Amsi

Users that are interested in Patch-Amsi are comparing it to the libraries listed below

• Vith0r / Indirect-Syscalls
  Indirect Syscalls Loader
  ☆16Updated last year
• ntdll0 / HVNC
  My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
  ☆26Updated 10 months ago
• Yuragy / Bypass-Protection0x00
  EDR & AV Bypass Arsenal— a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.
  ☆37Updated last week
• jakydibe / Zone
  ☆17Updated last month
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆211Updated 9 months ago
• hasherezade / waiting_thread_hijacking
  Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread
  ☆246Updated 2 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆197Updated 7 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆170Updated 3 months ago
• TwoSevenOneT / CreateProcessAsPPL
  This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.
  ☆269Updated last week
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆235Updated last year
• pard0p / CallstackSpoofingPOC
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆414Updated last year
• Logan-Elliott / HollowGhost
  Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
  ☆22Updated 2 years ago
• naksyn / DojoLoader
  Generic PE loader for fast prototyping evasion techniques
  ☆239Updated last year
• moom825 / XenoStealer
  ☆50Updated last year
• Maldev-Academy / LsassHijackingViaReg
  Injecting DLL into LSASS at boot
  ☆145Updated 6 months ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆273Updated last year
• 0xNinjaCyclone / AsmLdr
  Dynamic shellcode loader with sophisticated evasion capabilities
  ☆251Updated last month
• RWXstoned / LdrShuffle
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆209Updated 5 months ago
• 0xHossam / KernelCallbackTable-Injection-PoC
  Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…
  ☆236Updated last year
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆133Updated 5 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆232Updated last year
• Chainski / PandaCrypter
  PandaCrypter is a C#-based tool designed to convert PowerShell scripts into obfuscated batch files (.bat) with encryption and additional …
  ☆38Updated 2 months ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆351Updated last year
• 0xJs / BYOVD_read_write_primitive
  Proof of Concepts code for Bring Your Own Vulnerable Driver techniques
  ☆194Updated 2 months ago
• C5Hackr / Eclipse
  A unique introduction to native runtime obfuscation.
  ☆74Updated 8 months ago
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆198Updated 9 months ago
• rad9800 / hwbp4mw
  ☆265Updated 2 years ago
• VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls
  The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls
  ☆214Updated last year
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆162Updated 11 months ago
• Maldev-Academy / AlphabeticalPolyShellGen
  Generate an Alphabetical Polymorphic Shellcode
  ☆130Updated 2 months ago