claissg / remote_amsi_bypassLinks
Kill AMSI in a remote process PoC
☆10Updated 6 years ago
Alternatives and similar repositories for remote_amsi_bypass
Users that are interested in remote_amsi_bypass are comparing it to the libraries listed below
Sorting:
- ☆54Updated 6 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆32Updated 7 years ago
- ☆45Updated 7 years ago
- Proof of concept of VMSA-2017-0012☆41Updated 8 years ago
- A minimal safe version of mimikatz to only allow the export of non-exportable Windows certificates☆24Updated 6 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Updated 5 years ago
- ☆11Updated 6 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- Enumerate all processes and get specified file's handle,then close it.☆11Updated 7 years ago
- C# DCOM Execution☆18Updated 6 years ago
- Remove individual lines from Windows Event Viewer Log (EVT) files☆45Updated 4 years ago
- C# Implementation of Get-VaultCredential☆14Updated 7 years ago
- ☆54Updated 6 years ago
- Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical she…☆19Updated 5 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Updated 7 years ago
- Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition☆22Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Updated 2 years ago
- ☆33Updated 8 years ago
- powershell to hide process by kd.exe☆32Updated 4 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆24Updated 6 years ago
- A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.☆59Updated 6 years ago
- Execute an arbitrary command within the context of another process☆20Updated 6 years ago
- Run Managed Assemblies with RunDll☆17Updated 7 years ago
- ☆42Updated 6 years ago
- Encrypted Shellcode Loader Generator☆22Updated 6 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆74Updated 5 years ago
- ☆36Updated 6 years ago
- The project uses popular anti-virus protection bypass techniques☆13Updated 6 years ago
- Playing around with token manipulation in C#.☆28Updated 5 years ago
- Python api for usage with cobalt strike's External C2 specification☆62Updated 6 years ago