Alternatives and similar repositories for HostingCLR-Bypass-AMSI-Windows-Defender

Users that are interested in HostingCLR-Bypass-AMSI-Windows-Defender are comparing it to the libraries listed below

• decay88 / Tengri_Shellcode_Loader
  Encrypted Shellcode Loader Generator
  ☆22Updated 7 years ago
• d35ha / ShellInjector
  Execute an arbitrary command within the context of another process
  ☆21Updated 6 years ago
• 0r13lc0ch4v1 / HideFromAMSI
  Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI
  ☆31Updated 5 years ago
• freesoul / netstub
  Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
  ☆17Updated 7 years ago
• d35ha / RunPE
  An example of PE hollowing injection technique
  ☆25Updated 6 years ago
• melardev / XeytanWin32-RAT
  WORK IN PROGRESS. RAT written in C++ using Win32 API
  ☆19Updated 6 years ago
• HFaeiro / Remote-Admin-Tool
  Simple remote administration tool. Written in c++ and MASM.
  ☆18Updated 7 years ago
• rtcrowley / Offensive-Netsh-Helper
  Maintain Windows Persistence with an evil Netshell Helper DLL
  ☆12Updated 7 years ago
• active-labs / Advisories
  ACTIVELabs Security Advisories
  ☆23Updated 4 years ago
• dsnezhkov / HandsFreeCOM
  Self-Loading Registration Free COM Functions
  ☆11Updated 6 years ago
• guardicore / vmware_guest_auth_bypass
  Proof of concept of VMSA-2017-0012
  ☆41Updated 8 years ago
• claissg / remote_amsi_bypass
  Kill AMSI in a remote process PoC
  ☆10Updated 7 years ago
• 1M50RRY / runpe-native-loader
  Loader and RunPE file executer
  ☆18Updated 6 years ago
• decay88 / WinXRunPE-x86_x64
  Two C# RunPE's capable of x86 and x64 injections
  ☆11Updated 7 years ago
• DimopoulosElias / Primitives
  ☆31Updated 5 years ago
• riskydissonance / Ridgway
  A quick tool for hiding a new process running shellcode.
  ☆57Updated 5 years ago
• idiotc4t / ReflectiveBase64DLL
  This is a project to receive Base64 data and decode it in process
  ☆15Updated 5 years ago
• ThunderGunExpress / Reflective_Schtasks
  ☆54Updated 7 years ago
• DiabloHorn / cliramdisk
  A reduced functionality cli client for the imdisk ram disk driver. To be used through a backdoor like meterpreter
  ☆24Updated 7 years ago
• AzAgarampur / byeintegrity4-uac
  Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
  ☆18Updated 4 years ago
• tophertimzen / shellcodeTester
  GUI Application in C# to run and disassemble shellcode
  ☆36Updated 8 years ago
• ThunderGunExpress / Reflective_PSExec
  ☆45Updated 7 years ago
• 3gstudent / Add-Dll-Exports
  Use to generate DLL through Visual Studio
  ☆20Updated 8 years ago
• rastating / slae
  The source code of the SLAE assignments documented at https://rastating.github.io/
  ☆24Updated 7 years ago
• tyranid / setsidmapping
  Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
  ☆25Updated 5 years ago
• malcomvetter / AntiDebug
  PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.
  ☆32Updated 7 years ago
• SLAUC91 / DLLFinder
  Enumerate the DLLs/Modules using NtQueryVirtualMemory
  ☆32Updated 10 years ago
• guitmz / msil-cecil-injection
  Injection of MSIL using Cecil
  ☆12Updated 10 years ago
• cobbr / InsecurePowerShellHost
  InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…
  ☆31Updated 8 years ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆41Updated 5 years ago