dievus/PowerShellRunner external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

dievus/PowerShellRunner

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dievus/PowerShellRunner)

Close

dievus / PowerShellRunnerView on GitHubMore

• External links
• Readme badge

PowerShell runner for executing malicious payloads in order to bypass Windows Defender.

☆73Nov 22, 2021Updated 4 years ago

Alternatives and similar repositories for PowerShellRunner

Users that are interested in PowerShellRunner are comparing it to the libraries listed below

• fanbyprinciple / bin2shellcode

  View on GitHub
  .bin file to shellcode convertor
  ☆39Jul 5, 2024Updated last year
• anonymous300502 / Nuke-AMSI

  View on GitHub
  NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
  ☆176Dec 19, 2025Updated 3 months ago
• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• Cyb3rDudu / MacroSliver

  View on GitHub
  Backport of SliverStager to work with DotNetToJScript for vba
  ☆17Aug 9, 2024Updated last year
• gh0x0st / Get-Shellcode

  View on GitHub
  A solution to create obfuscated shellcode from msfvenom for PowerShell.
  ☆26Aug 3, 2022Updated 3 years ago
• matro7sh / havoc-sharPersist

  View on GitHub
  ☆14Dec 5, 2024Updated last year
• zimnyaa / smbsocks

  View on GitHub
  A simple rpc2socks alternative in pure Go.
  ☆31Jul 8, 2024Updated last year
• xpn / malIDP

  View on GitHub
  ☆14Mar 19, 2024Updated 2 years ago
• safedv / RustiveDump

  View on GitHub
  LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…
  ☆385Apr 26, 2025Updated 10 months ago
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆195Nov 27, 2024Updated last year
• senzee1984 / micr0_shell

  View on GitHub
  micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
  ☆210Jul 21, 2024Updated last year
• ShigShag / AMSI-Bypass-via-Page-Guard-Exceptions

  View on GitHub
  Shellcode and In-PowerShell solution for patching AMSI via Page Guard Exceptions
  ☆63Nov 15, 2025Updated 4 months ago
• MythicMeta / ExampleContainers

  View on GitHub
  Examples of various container types for Python and Golang
  ☆16Aug 29, 2025Updated 6 months ago
• 200ug / airborne

  View on GitHub
  Shellcode reflective DLL injection in Rust
  ☆27Dec 26, 2025Updated 2 months ago
• dmcxblue / SharpHIBP

  View on GitHub
  A C# Tool to gather information about email breaches
  ☆16Dec 21, 2023Updated 2 years ago
• Friends-Security / SharpExclusionFinder

  View on GitHub
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆230Oct 6, 2024Updated last year
• b3rito / smugglo

  View on GitHub
  smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters
  ☆131Mar 25, 2025Updated 11 months ago
• MSAdministrator / goattck

  View on GitHub
  A Golang CLI for the MITRE ATT&CK Framework
  ☆14Apr 28, 2025Updated 10 months ago
• scottctaylor12 / Red-Lambda

  View on GitHub
  Leveraging AWS Lambda Function URLs for C2 Redirection
  ☆45Aug 30, 2023Updated 2 years ago
• Bl4ckM1rror / FUD-UUID-Shellcode

  View on GitHub
  ☆336May 29, 2023Updated 2 years ago
• Kr0ff / WinMalDev

  View on GitHub
  Various methods of executing shellcode
  ☆74Mar 27, 2023Updated 2 years ago
• Muhammad-Ali007 / OutlookNTLM_CVE-2023-23397

  View on GitHub
  ☆22Jul 15, 2023Updated 2 years ago
• KiExitDispatcher / Shellcode-Loader

  View on GitHub
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆95Apr 27, 2025Updated 10 months ago
• Cerbersec / KillDefenderBOF

  View on GitHub
  Beacon Object File PoC implementation of KillDefender
  ☆235Apr 12, 2022Updated 3 years ago
• rbmm / Hollowed-Process

  View on GitHub
  ☆29Aug 24, 2025Updated 6 months ago
• S3cur3Th1sSh1t / SharpUnhooker

  View on GitHub
  C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)
  ☆25Mar 7, 2023Updated 3 years ago
• scriptchildie / goEkko

  View on GitHub
  Sleep obfuscation in golang based on ekko
  ☆14Jan 16, 2024Updated 2 years ago
• gh0x0st / Invoke-PSObfuscation

  View on GitHub
  An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
  ☆285Aug 5, 2022Updated 3 years ago
• Group3r / Group3r

  View on GitHub
  Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
  ☆887Apr 8, 2025Updated 11 months ago
• vxCrypt0r / Voidgate

  View on GitHub
  A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…
  ☆592Jun 12, 2024Updated last year
• netero1010 / EDRSilencer

  View on GitHub
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,828Nov 3, 2024Updated last year
• GhostPack / Invoke-Evasion

  View on GitHub
  PowerShell Obfuscation and Data Science
  ☆180May 4, 2022Updated 3 years ago
• hashpwn / rules

  View on GitHub
  Top hashpwn rules
  ☆20Dec 12, 2025Updated 3 months ago
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆164Oct 31, 2024Updated last year
• seriotonctf / kerberos_aes_key

  View on GitHub
  Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
  ☆18Sep 18, 2024Updated last year
• VirtualAlllocEx / Create-Thread-Shellcode-Fetcher

  View on GitHub
  This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…
  ☆257May 25, 2023Updated 2 years ago
• F4l13n5n0w / sn0wldr

  View on GitHub
  This project is an AES loader for c2 shellcode
  ☆36Jan 24, 2024Updated 2 years ago
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,501Dec 21, 2023Updated 2 years ago