ZeroMemoryEx / Amsi-KillerLinks
Lifetime AMSI bypass
☆664Updated 2 years ago
Alternatives and similar repositories for Amsi-Killer
Users that are interested in Amsi-Killer are comparing it to the libraries listed below
Sorting:
- Performing Indirect Clean Syscalls☆591Updated 2 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆500Updated last year
- Protected Process Dumper Tool☆569Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆737Updated 4 months ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆314Updated 2 weeks ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆586Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆667Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆389Updated last year
- Various ways to execute shellcode☆508Updated last year
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆433Updated 2 years ago
- TartarusGate, Bypassing EDRs☆634Updated 3 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆1,035Updated 2 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆495Updated 3 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆992Updated last year
- ☆495Updated 3 years ago
- Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…☆1,017Updated last month
- Analyse your malware to surgically obfuscate it☆509Updated 6 months ago
- Sleep Obfuscation☆808Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆536Updated 3 years ago
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆615Updated 2 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆716Updated 2 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆556Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆688Updated 7 months ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆531Updated last year
- ☆333Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆669Updated last year
- My collection of malware dev links☆299Updated 6 months ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆257Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆405Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆398Updated 2 years ago