Alternatives and similar repositories for Patch-Amsi

Users that are interested in Patch-Amsi are comparing it to the libraries listed below

• Vith0r / Indirect-Syscalls
  Indirect Syscalls Loader
  ☆16Updated 9 months ago
• jakydibe / Zone
  ☆17Updated 3 months ago
• moom825 / XenoStealer
  ☆41Updated 10 months ago
• micREsoft / SysCaller
  Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across differe…
  ☆40Updated this week
• Quasar-Continuation / Cosmali
  ☆16Updated 3 months ago
• Logan-Elliott / HollowGhost
  Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
  ☆20Updated last year
• 0xOvid / RootkitDiaries
  Collection of different rootkit functionality, each driver representing a different rootkit component
  ☆11Updated 2 months ago
• C5Hackr / Phantom
  ☆120Updated 9 months ago
• ColeHouston / Sunder
  Windows rootkit designed to work with BYOVD exploits
  ☆204Updated 6 months ago
• RWXstoned / LdrShuffle
  Code execution/injection technique using DLL PEB module structure manipulation
  ☆155Updated 2 months ago
• praetorian-inc / ChromeAlone
  A tool to transform Chromium browsers into a C2 Implant
  ☆130Updated last week
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆269Updated 10 months ago
• V-i-x-x / kernel-callback-removal
  kernel callback removal (Bypassing EDR Detections)
  ☆184Updated 4 months ago
• LNodesL / NCrypt
  NCrypt portable crypter is a collection of C++ build tools, a tiny C compiler for the stub, and a useful codebase for anyone wanting to c…
  ☆10Updated last year
• susMdT / LoudSunRun
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆235Updated 9 months ago
• klezVirus / DriverJack
  Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
  ☆351Updated last year
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆394Updated last week
• maezyn / dolos
  Metamorphic engine written in Rust.
  ☆16Updated 3 years ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆168Updated 5 months ago
• ZERODETECTION / MSC_Dropper
  ☆189Updated last year
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆88Updated 2 months ago
• Cracked5pider / earlycascade-injection
  early cascade injection PoC based on Outflanks blog post
  ☆227Updated 9 months ago
• Offensive-Panda / DefenseEvasionTechniques
  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…
  ☆125Updated 2 months ago
• Ephrimgnanam / Cute-RATs
  This is a collection of RATs for educational purposes
  ☆46Updated last week
• rbmm / SC_DEMO
  ☆118Updated 5 months ago
• ntdll0 / HVNC
  My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
  ☆26Updated 7 months ago
• dslee2022 / SignatureKid
  ☆347Updated 2 months ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆38Updated last year
• 0xNinjaCyclone / EarlyCascade
  A PoC for Early Cascade process injection technique.
  ☆189Updated 6 months ago
• Ricky5panish / PE-Runtime-Crypter
  A runtime Crypter written in C++ to bypass AVs signature based detection
  ☆34Updated 2 years ago