WithSecureLabs/AMSIDetection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

WithSecureLabs/AMSIDetection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/WithSecureLabs/AMSIDetection)

Close

WithSecureLabs / AMSIDetectionView on GitHubMore

• External links
• Readme badge

AMSI detection PoC

☆31Apr 14, 2020Updated 6 years ago

Alternatives and similar repositories for AMSIDetection

Users that are interested in AMSIDetection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• matterpreter / getDA.sh

  View on GitHub
  Identify common attack paths to get Domain Administrator
  ☆21Aug 20, 2019Updated 6 years ago
• kartikdurg / Enum-LSASS

  View on GitHub
  LSASS enumeration like pypykatz written in C-Lang
  ☆20Dec 1, 2021Updated 4 years ago
• OTRF / BHEU22-ADFS

  View on GitHub
  Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations
  ☆12Dec 9, 2022Updated 3 years ago
• Yaxser / SharpPhish

  View on GitHub
  Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.
  ☆156Dec 22, 2020Updated 5 years ago
• HuskyHacks / CobaltNotion

  View on GitHub
  A spin-off research project. Cobalt Strike x Notion collab 2022
  ☆52Apr 8, 2022Updated 4 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• aaaddress1 / knownDlls_Poison

  View on GitHub
  ☆28Dec 29, 2021Updated 4 years ago
• tothi / azure-function-proxy

  View on GitHub
  basic proxy as an azure function serverless app
  ☆17Jan 12, 2023Updated 3 years ago
• S3cur3Th1sSh1t / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)
  ☆24Mar 7, 2023Updated 3 years ago
• nettitude / RunOF

  View on GitHub
  ☆153Jan 6, 2023Updated 3 years ago
• paranoidninja / DotNetTracer

  View on GitHub
  C code to enable ETW tracing for Dotnet Assemblies
  ☆33Aug 12, 2022Updated 3 years ago
• Flangvik / RosFuscator

  View on GitHub
  YouTube/Livestream project for obfuscating C# source code using Roslyn
  ☆129May 9, 2021Updated 5 years ago
• aaaddress1 / masqueradeCmdline

  View on GitHub
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆40Dec 31, 2020Updated 5 years ago
• netbiosX / GhostLoader

  View on GitHub
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆54May 21, 2020Updated 6 years ago
• jonny-jhnson / ProcCallback

  View on GitHub
  An example of how a driver can register a handle creation callback.
  ☆16Jun 12, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• usdAG / SharpLink

  View on GitHub
  Create file system symbolic links from low privileged user accounts within PowerShell
  ☆95Jun 20, 2022Updated 4 years ago
• tijme / kernel-mii

  View on GitHub
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆85May 7, 2023Updated 3 years ago
• Allevon412 / PPL_Sandboxer

  View on GitHub
  ☆82Feb 12, 2022Updated 4 years ago
• Octoberfest7 / Proxy_Egress_Persistence

  View on GitHub
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆34Sep 15, 2022Updated 3 years ago
• EncodeGroup / Gopher

  View on GitHub
  C# tool to discover low hanging fruits
  ☆94Dec 15, 2022Updated 3 years ago
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• RedSection / printjacker

  View on GitHub
  Hijack Printconfig.dll to execute shellcode
  ☆103Jan 15, 2021Updated 5 years ago
• Cracked5pider / CoffeeLdr

  View on GitHub
  Beacon Object File Loader
  ☆296Dec 3, 2023Updated 2 years ago
• frkngksl / HintInject

  View on GitHub
  A PoC project for embedding shellcode to Hint/Name Table
  ☆115Apr 4, 2026Updated 2 months ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• rhelmke / urlenc

  View on GitHub
  URL-encode data streams via commandline
  ☆14Oct 26, 2019Updated 6 years ago
• CylanceVulnResearch / ReflectiveDLLRefresher

  View on GitHub
  Universal Unhooking
  ☆326Sep 19, 2018Updated 7 years ago
• EspressoCake / Firewall_Walker_BOF

  View on GitHub
  A BOF to interact with COM objects associated with the Windows software firewall.
  ☆113Oct 10, 2021Updated 4 years ago
• jsecu / ElevatedEvents

  View on GitHub
  ☆30Nov 7, 2022Updated 3 years ago
• EspressoCake / Self_Deletion_BOF

  View on GitHub
  BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs
  ☆186Oct 3, 2021Updated 4 years ago
• CCob / PwnyForm

  View on GitHub
  ☆48Nov 18, 2020Updated 5 years ago
• trustedsec / Windows-MS-LSAT-RPC-Example

  View on GitHub
  Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD
  ☆29Jan 4, 2024Updated 2 years ago
• gmh5225 / LetMeGG

  View on GitHub
  POC about how to prevent windbg break
  ☆15Oct 3, 2022Updated 3 years ago
• PorLaCola25 / PPID-Spoofing

  View on GitHub
  POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…
  ☆42Sep 23, 2021Updated 4 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• mattifestation / AntimalwareBlight

  View on GitHub
  Execute PowerShell code at the antimalware-light protection level.
  ☆143Dec 13, 2022Updated 3 years ago
• CCob / dnMerge

  View on GitHub
  A lightweight .NET assembly dependency merger that uses dnLib and 7zip's LZMA SDK for compressing dependant assemblies.
  ☆108Sep 4, 2024Updated last year
• whydee86 / SnD_AMSI

  View on GitHub
  Start new PowerShell without etw and amsi in pure nim
  ☆157Feb 14, 2022Updated 4 years ago
• EncodeGroup / AggressorScripts

  View on GitHub
  Simple Aggressor Scripts for Cobalt Strike
  ☆13Sep 24, 2020Updated 5 years ago
• EspressoCake / PPLDump_BOF

  View on GitHub
  A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.
  ☆142Sep 24, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpOxidResolver

  View on GitHub
  IOXIDResolver from AirBus Security/PingCastle
  ☆52Nov 25, 2020Updated 5 years ago
• jfmaes / SharpHandler

  View on GitHub
  ☆188Jan 5, 2021Updated 5 years ago