Ghosting-AMSI
☆18Apr 30, 2025Updated 10 months ago
Alternatives and similar repositories for Ghosting-AMSI
Users that are interested in Ghosting-AMSI are comparing it to the libraries listed below
Sorting:
- A Proof-of-Concept implementation of Reflective DLL Injection (RDI) specifically for Windows on ARM64. Demonstrates PEB access via the x1…☆34May 30, 2025Updated 9 months ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes.☆12Jan 31, 2025Updated last year
- Sleep obfuscation in golang based on ekko☆13Jan 16, 2024Updated 2 years ago
- An another JWT cracker but really fast!☆11Jan 26, 2023Updated 3 years ago
- A port of classic netcat to C#☆34Jan 21, 2023Updated 3 years ago
- Test AMSI Provider implementation in C#☆42Dec 18, 2024Updated last year
- Links or additional data to some researches☆14May 24, 2019Updated 6 years ago
- �☆23Mar 17, 2024Updated last year
- CISOinaBox is a free community framework to organize tools, templates, and resources to help equip new CISOs and set them up for success.…☆31Updated this week
- Obex – Blocking unwanted DLLs in user mode☆281Sep 18, 2025Updated 5 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago
- Frida plugin for Binary Ninja☆20Jan 12, 2025Updated last year
- An opensource API hooking framework☆22Jan 3, 2020Updated 6 years ago
- D/Invoke implementation in Nim☆101Jun 8, 2022Updated 3 years ago
- Rust 重构的 sRDI☆17Sep 9, 2024Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- Identifies metadata of .NET binary files.☆21Apr 3, 2024Updated last year
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆59Feb 21, 2026Updated last week
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆82Jun 25, 2025Updated 8 months ago
- Shellcode loader☆101Nov 24, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆80Nov 18, 2024Updated last year
- Learn how to intercept flutter apps☆23Jan 19, 2024Updated 2 years ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- Beacon Debugger☆55Oct 28, 2024Updated last year
- A .NET assembly tracer using Harmony for runtime method interception.☆50Oct 24, 2025Updated 4 months ago
- A simple dnSpy extension for easily renaming members.☆20May 27, 2023Updated 2 years ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to…☆45Jun 1, 2025Updated 9 months ago
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Feb 19, 2023Updated 3 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- The backend server handling API requests and task management☆55Updated this week
- ☆53Sep 23, 2025Updated 5 months ago
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆217Aug 31, 2025Updated 6 months ago
- Early cascade injection PoC based on Outflanks blog post written in Rust☆68Dec 26, 2025Updated 2 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆25May 29, 2023Updated 2 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆232Feb 12, 2025Updated last year