Alternatives and similar repositories for Invoke-WinSATBypass:

Users that are interested in Invoke-WinSATBypass are comparing it to the libraries listed below

• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆36Updated 2 years ago
• susMdT / SharpAgent
  C# havoc implant
  ☆97Updated last year
• p4p1 / havoc-privkit
  a port of privkit bof for havoc
  ☆23Updated last year
• icyguider / PowerChunker
  Bypass AMSI via PowerShell by splitting a file into multiple chunks
  ☆49Updated 3 years ago
• fanbyprinciple / bin2shellcode
  .bin file to shellcode convertor
  ☆31Updated 6 months ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• nullsection / Sneaky-DLL-Stager
  Reasonably undetected shellcode stager and executer.
  ☆35Updated 4 months ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated 2 years ago
• termanix / TokenElevation
  Token Elevation to authorized user as SYSTEM or Domain Admins
  ☆23Updated last year
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆25Updated 2 years ago
• CodeXTF2 / PyHmmm
  Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …
  ☆79Updated last year
• amauricio / junkshell
  ☆29Updated last year
• SaadAhla / PSpersist
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆85Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆45Updated 10 months ago
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆82Updated 8 months ago
• KINGSABRI / ServerlessRedirector
  Serverless Redirector in various cloud vendor for red team
  ☆71Updated 2 years ago
• Octoberfest7 / lnk_generator
  Small project to facilitate creation of .lnk payloads
  ☆62Updated 2 years ago
• Tylous / File-Smuggling
  HTML smuggling is not an evil, it can be useful
  ☆13Updated last year
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆87Updated 2 years ago
• improsec / CaddyStager
  ☆35Updated 2 years ago
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆137Updated 8 months ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated last year
• Ghost53574 / havoc_profile_generator
  Havoc C2 profile generator
  ☆65Updated 2 months ago
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated last year
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆84Updated 6 months ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆109Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆53Updated 6 months ago
• theart42 / Sharpcat
  A port of classic netcat to C#
  ☆30Updated last year