XaFF-XaFF / AMSI-BypassLinks
Rasta's mouse AMSI patch but with function that makes it undetectable.
☆13Updated 4 years ago
Alternatives and similar repositories for AMSI-Bypass
Users that are interested in AMSI-Bypass are comparing it to the libraries listed below
Sorting:
- Simple keylogger written in C# which is ready for modifications.☆14Updated 4 years ago
- A simple injector that uses LoadLibraryA☆18Updated 5 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆20Updated 2 years ago
- The Hunt for Malicious Strings☆13Updated 4 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Updated 4 years ago
- Remote Thread Injection by C# + Delegate Techniques☆12Updated 2 years ago
- AppXSVC Service race condition - privilege escalation☆29Updated 6 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 4 years ago
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Updated 5 years ago
- .NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.☆21Updated 7 years ago
- Another AMSI bypass - but in C++.☆23Updated 2 years ago
- PoC Ransomware with Coinbase Commerce integration built on C# .NET Framework (console) and PHP☆25Updated 3 years ago
- A CUSTOM CODED FUD DLL, CODED IN C , WHEN LOADED , VIA A DECOY WEB-DELIVERY MODULE( FIRING A DECOY PROGRAM), WILL GIVE A REVERSE SHELL (P…☆33Updated 6 years ago
- Penetration Test / Read Team - C# tools repository☆57Updated 3 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆40Updated 4 years ago
- Bind shell that uses Named Pipes as transport and execute PowerShell code through Runspaces.☆16Updated 6 years ago
- Another Portable Executable files analysing stuff☆21Updated 14 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated 2 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆16Updated 7 years ago
- the most basic DLL ever to pop a cmd.☆24Updated 5 years ago
- ☆12Updated 5 years ago
- PoC code from blog☆16Updated 5 years ago
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)☆26Updated 5 years ago
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Updated 4 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆29Updated 5 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆25Updated 3 years ago
- Get or remove RunMRU values☆59Updated 5 years ago
- XOR crypt/decrypt using C#☆12Updated 5 years ago
- ☆14Updated 6 years ago
- Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.☆32Updated 5 years ago