anonymous300502/Nuke-AMSI external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

anonymous300502/Nuke-AMSI

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/anonymous300502/Nuke-AMSI)

Close

anonymous300502 / Nuke-AMSIView on GitHubMore

• External links
• Readme badge

NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.

☆175Dec 19, 2025Updated 2 months ago

Alternatives and similar repositories for Nuke-AMSI

Users that are interested in Nuke-AMSI are comparing it to the libraries listed below

• fanbyprinciple / bin2shellcode

  View on GitHub
  .bin file to shellcode convertor
  ☆39Jul 5, 2024Updated last year
• dievus / PowerShellRunner

  View on GitHub
  PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
  ☆73Nov 22, 2021Updated 4 years ago
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆364Oct 14, 2025Updated 4 months ago
• WKL-Sec / GregsBestFriend

  View on GitHub
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆204Jun 23, 2023Updated 2 years ago
• logangoins / Cable

  View on GitHub
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆399Jul 23, 2025Updated 7 months ago
• NtDallas / Svartalfheim

  View on GitHub
  Stage 0
  ☆169Dec 18, 2024Updated last year
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆367Jan 20, 2026Updated last month
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆195Nov 27, 2024Updated last year
• cybersectroll / TrollAMSIdotnet

  View on GitHub
  ☆16Jun 15, 2025Updated 8 months ago
• Offensive-Panda / ShadowDumper

  View on GitHub
  Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advance…
  ☆571May 22, 2025Updated 9 months ago
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆539May 9, 2025Updated 9 months ago
• vxCrypt0r / AMSI_VEH

  View on GitHub
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆169May 30, 2024Updated last year
• Karkas66 / EarlyCascadeImprooved

  View on GitHub
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆22Feb 20, 2025Updated last year
• andreisss / Ghosting-AMSI

  View on GitHub
  Ghosting-AMSI
  ☆225Apr 24, 2025Updated 10 months ago
• MaLDAPtive / Invoke-Maldaptive

  View on GitHub
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆336Aug 7, 2024Updated last year
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆237Nov 7, 2024Updated last year
• ricardojoserf / BOF_Files

  View on GitHub
  Repository to gather the BOF files I will be developing
  ☆11Oct 1, 2024Updated last year
• SilvestriF3 / Passworld

  View on GitHub
  Passworld is a fully customizable wordlist generator
  ☆16Sep 13, 2024Updated last year
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆267Apr 8, 2025Updated 10 months ago
• 0xthirteen / Carseat

  View on GitHub
  Python implementation of GhostPack's Seatbelt situational awareness tool
  ☆271Nov 12, 2024Updated last year
• Offensive-Panda / .NET_PROFILER_DLL_LOADING

  View on GitHub
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆46Jul 29, 2024Updated last year
• BlackSnufkin / NyxInvoke

  View on GitHub
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆234Feb 12, 2025Updated last year
• 0xNinjaCyclone / EarlyCascade

  View on GitHub
  A PoC for Early Cascade process injection technique.
  ☆211Jan 30, 2025Updated last year
• netero1010 / EDRSilencer

  View on GitHub
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,823Nov 3, 2024Updated last year
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆701May 7, 2025Updated 9 months ago
• dobin / avred

  View on GitHub
  Analyse your malware to surgically obfuscate it
  ☆520Dec 17, 2025Updated 2 months ago
• 0xdea / blindsight

  View on GitHub
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆246Nov 2, 2025Updated 4 months ago
• cpu0x00 / Ghost

  View on GitHub
  Evasive shellcode loader
  ☆401Oct 17, 2024Updated last year
• NtDallas / KrakenMask

  View on GitHub
  Sleep obfuscation
  ☆268Dec 13, 2024Updated last year
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆592Jun 12, 2024Updated last year
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆319Jun 28, 2023Updated 2 years ago
• Sh4N4C1 / sh4loader

  View on GitHub
  ☆29Sep 4, 2024Updated last year
• synacktiv / Invoke-RunAsWithCert

  View on GitHub
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆174May 13, 2024Updated last year
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆129Jul 1, 2025Updated 8 months ago
• dobin / RedEdr

  View on GitHub
  Collect Windows telemetry for Maldev
  ☆460Jan 30, 2026Updated last month
• decoder-it / KrbRelayEx

  View on GitHub
  ☆381Oct 17, 2025Updated 4 months ago
• Sh3lldon / FullBypass

  View on GitHub
  A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…
  ☆813Mar 28, 2025Updated 11 months ago
• 0x3rhy / BypassCredGuard-BOF

  View on GitHub
  BypassCredGuard CS BOF
  ☆51Jan 23, 2025Updated last year
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆779Jan 26, 2026Updated last month