A repo to hold any bypasses I work on/study/whatever
☆19Dec 30, 2020Updated 5 years ago
Alternatives and similar repositories for FunWithAMSI
Users that are interested in FunWithAMSI are comparing it to the libraries listed below
Sorting:
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- Bypass AMSI and Defender using Ordinal Values☆41Apr 15, 2020Updated 5 years ago
- C# loader for msfvenom shellcode with AMSI bypass☆34Jun 13, 2020Updated 5 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- ☆48Mar 19, 2020Updated 5 years ago
- Desktop app that crawls urls from Google's search engine results☆17Mar 5, 2024Updated last year
- An Ansible role to install cobalt-strike☆16Aug 24, 2020Updated 5 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- Shellcode injector using direct syscalls☆123Aug 17, 2020Updated 5 years ago
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Password Spraying Script detecting current and previous passwords of Active Directory User☆66Sep 9, 2021Updated 4 years ago
- Hunting for Microsoft Exchange the LDAP Way.☆35Oct 30, 2019Updated 6 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago
- Video files for eBook: "Bypassing AVs by C#.NET Programming"☆41Jun 6, 2023Updated 2 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Jun 14, 2020Updated 5 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 5 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 3 years ago
- Simple PowerShell enumeration script to look for interesting files☆10Aug 26, 2019Updated 6 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- 自不量力的mimikatz分离计划☆44Nov 28, 2021Updated 4 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Mar 1, 2021Updated 4 years ago
- adding a backdooruser using win32api☆80Sep 3, 2020Updated 5 years ago
- C# Clipboard Monitor☆186Apr 2, 2020Updated 5 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- SharpCat - A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker)☆46Jun 10, 2016Updated 9 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe☆14Mar 29, 2017Updated 8 years ago
- Alternative Mimikatz LSASS DUMPER☆14Apr 2, 2020Updated 5 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 5 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆216Oct 8, 2020Updated 5 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch☆29May 28, 2020Updated 5 years ago
- ☆26May 22, 2021Updated 4 years ago
- ☆28Aug 9, 2020Updated 5 years ago
- Automation Capable Multi Search 64 Bit Windows Memory Scanner☆28Apr 7, 2021Updated 4 years ago